Audit – Cybersecurity & Technology Controls Audit Director – Executive Director Job
JPMorgan Chase & Co
New York, NY
Estimated: $71K – $128K yearly
J.P. Morgan helps businesses, markets and communities grow and develop in more than 100 countries. Through our Corporate and Investment Bank, we provide banking, markets and investor services, treasury services and more for the world’s most important corporations, governments and institutions. Our Asset and Wealth Management business provides global market insights and a range of investment capabilities for individuals and families, advisors and institutions.
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J. P. Morgan and Chase brands. Information about JP morgan Chase & Co. is available at http://www. jpmorganchase. com/.
The JP Morgan Chase Audit Department is accountable to the Audit Committee of the Board of Directors, the Executive Committee, the Office of the Chairman, senior management and the firm’s regulators. The global Audit Department exceeds 1000 auditors. As one of the key control functions in JP Morgan Chase & Co, the Audit Department is an independent assessment function established to evaluate, test, and report on the adequacy and effectiveness of management systems of internal controls.
The Cybersecurity & Technology Controls (CTC) Audit Director will report directly into the CTC Senior Audit Director who is responsible for coverage of all CTC areas including various firmwide centralized capabilities such as Cybersecurity, Access Management, Technology Controls and Technology Resiliency. The Audit Director will be responsible for the ongoing risk assessment, control identification, audit plan management, resource scheduling, team development and continuous monitoring activities. The Audit Director will also be directly responsible for the management and development of a team of auditors (4 to 5) located in New York. In addition, the Audit Director will be responsible for understanding CTC strategy and keeping informed of key cybersecurity industry developments.
This role is for an experienced IT Audit professional to join the North America Cybersecurity & Technology Controls Audit Team. This position is best placed in New York although Wilmington, Delaware is also a possible location. A key area of focus for this role will include coverage of the Cybersecurity & Technology Controls space including oversight for various cybersecurity functions.
- Work closely with infrastructure, technology and business audit colleagues to ensure that key risks are identified and assessed in the program of audit coverage.
- Provide strong oversight for all aspects of audits including risk assessments, audit planning, audit testing, control evaluation, report drafting and follow up and verification of issue closure.
- Manage audit engagements with specific focus on holding the entire team accountable for meeting deliverables and adhering to departmental and professional standards in an efficient manner.
- Establish strong relationships with senior Cybersecurity and CTC leadership, related controls groups and business auditors.
- Attention to detail to ensure accuracy and completeness of audit coverage and the establishment of a business climate and culture that encourages integrity, respect, excellence and innovation.
- Write audit reports with minimal intervention by the Senior Audit Director.
- Partner with colleagues, stakeholders and control community members to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement. This may be delivered through specific audit reviews or through ongoing involvement in major activities or projects.
- Conduct annual performance appraisals for the team members, and provide ongoing feedback.
- Bachelor’s degree (or relevant financial services experience) required with at least 10 years of internal or external auditing experience, with a good level of technology background.
- Certified Information Systems Auditor (CISA) expected and Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or other technical designation considered necessary to be successful.
- Extensive knowledge of cybersecurity controls, technology governance and risk assessments, coupled with a strong background in Agile methodology.
- Strong infrastructure technical knowledge covering controls related to distributed technologies, operating systems, database platforms and networks.
- Ability to manage multiple tasks concurrently in an efficient and effective manner with minimal supervision.
- Experience in planning and executing audits in accordance with professional standards.
- Excellent verbal and written communication skills. Also, good interpersonal skills with the ability to present complex and sensitive issues to senior management, and influence change.
- Ability to quickly build strong partnerships amongst technology and business Audit teams and internal stakeholders.
- Team player who works well individually and in teams, shares information and collaborates with colleagues during execution of the audit plan.
- Enthusiastic, self-motivated, strong interest in learning, effective under pressure and willing to take personal responsibility / accountability.