Tech Risk Lead – Controls Attestation Management
| Company | JP Morgan Chase |
|---|---|
| Location | New York, NY, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- Obtain 5+ years of experience or equivalent expertise within a ‘Big Four’ or top IT consulting firm, at least 2 of which are at Manager level – leading planning and/or executing IT Controls attestation audits, including SOC/SOX audits
- Exceptional issue management, exceptions analysis and problem solving skills
- Intellectual rigor
- Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
- Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
- Strong program management and problem solving skills, with proven ability to deliver quality results in a deadline-driven environment
- Confidence and self-assurance in interactions with external auditors, senior management and clients
- Must be a detail oriented, quality-focused manager; with strong documentation and reporting skills
- Ability to work effectively in a global team environment, to reach across the firm to engage appropriate management, set agendas, lead calls with senior management and drive results in a matrix organization
Responsibilities
- Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
- Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
- Partner with business owners, and external auditors to meet client and/or regulatory requirements; taking the lead in new SOC-attestation report development and readiness
- Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
- Lead proactive readiness-assessments (platforms, tools, applications) to ensure controls are suitably designed and placed in operation, and that appropriate governance is in place to avoid impacts to external audits
- Oversee remedial work streams, assessing effectiveness of proposed solutions and driving timely and effective solutions to control issues potentially impactful to programs
- Lead x-LOB teams in identifying appropriate response to external auditors with respect to potential and confirmed control exceptions, including identification of relevant compensating controls for deficiencies
- Communication to key stakeholders to ensure a no surprises environment, and facilitate development, maintenance and delivery of consistent and meaningful reporting and metrics
- Timely reporting on program status to senior management stakeholders
- Develop educational / guidance resources for use by Technology Risk & Controls and Technology personnel
Preferred Qualifications
- CPA, CISA, CISM, CRISC, CISSP, or similar industry-recognized certifications are preferred