• Competitive
  • Brooklyn, NY, USA
  • Permanent, Full time
  • JPMorgan.
  • 2018-09-18

CIB Cybersecurity & Technology Controls

  • 180072683
  • Brooklyn, NY, USA
  • Accounting/Finance/Audit/Risk

CIB Cybersecurity & Technology Controls

Job Description:

The CIB CTC Audit & Regulatory, Controls Attestation manager is an IT audit specialist who uses this expertise to manage planning and execution of 3 rd party attestation engagements (SOC1, SOC2, ISAE 3402, AT-C 205) as well as ensure readiness and remediation across internal/external audit and regulatory exam scopes, ensuring ability to meet the demands of external clients across lines of business. Remediation includes management of audit findings, root cause analysis, regulatory intelligence and change management.

The role requires interaction with various stakeholders including Technology Risk & Controls managers, technology management as well as interfacing with external and internal auditors to help drive global consistency in our approach, execution and reporting across the global technology and technology risk functions. Successful execution of responsibilities requires strong program management, influencing, partnering, and communication skills interacting cross line of business and corporate teams.

Key Responsibilities:

Coordinate with key stakeholders -- including external and internal auditors, technology management, lines of business, various risk functions, operations and program governance teams to:
  • Identify and lead x-LOB teams in identifying appropriate response to external auditors with respect to potential and confirmed control exceptions, including identification of relevant compensating controls for deficiencies
  • Oversee remedial workstreams, assessing effectiveness of proposed solutions and driving timely and effective solutions to control issues potentially impactful to programs
  • Lead proactive readiness- assessments (platforms, tools, applications) to ensure controls are suitably designed and placed in operation, and that appropriate governance is in place to avoid impacts to external audits
  • Obtain early visibility into potential changes to program scope, facilitating readiness
  • New Reports: Partner with internal business owners, O&C and external auditors to identify appropriate form of reporting (e.g., SOC1, SSAE3402, AT-205, and ISAE 3000) to meet client and/or regulatory requirements; taking the lead in report development, readiness and execution.
  • Ensure quality standards are achieved in development and maintenance of program documentation
  • Communication to key stakeholders to ensure a no surprises environment, and facilitate development, maintenance and delivery of consistent and meaningful reporting and metrics
  • Timely reporting on program status to senior management stakeholders
  • Development of educational / guidance resources for use by Technology Risk & Controls and Technology personnel
  • People leadership, including performance management and development

Key Skills / Qualifications

  • Subject matter expertise in forms of controls attestation reporting ( e.g., SOC1, SSAE3402, AT-205, ISAE 3000, etc.)
  • 8+ years' equivalent experience dedicated to leading execution of IT controls attestation engagements, including SOC1 and/or SOX
  • Minimum of four years of Manager level "Big Four" IT Audit experience required, including specific experience leading planning and execution of SOC and/or SOX audits
  • Confidence and self-assurance in interactions with external auditors and ability to reach across the firm to engage appropriate management, set agendas, lead calls with senior management and drive actions to meet program objectives
  • Strong exceptions analysis and issue management capabilities
  • Deep knowledge of auditing of IT general computer controls and application controls
  • Strong program management skills, with proven ability to deliver quality results in a deadline-driven environment
  • Must be a detail oriented, quality-focused manager; with strong documentation and reporting skills
  • A problem solver with proven ability to evaluate processes, controls, identify weaknesses and potential solutions
  • Ability to work effectively in a global team environment and drive results in a matrixed organization
  • A strong sense of ownership, commitment to quality and attention to detail
  • Excellent interpersonal skills - verbal communications, written communications, and track record of collaboration
  • Intellectual rigor, emotional intelligence, high energy and a passion for the delivery of high quality project outcomes
Brooklyn, NY, USA Brooklyn NY US