Technology Risk Control Analyst - J.P. Morgan - Burke

Job description

JPMorgan Chase & Co . (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world"s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com . The Technology Controls Team is responsible for IT risk coverage for JPMorgan Chase"s Risk & Finance Technology (RFT) line of business. The goal of this team is to consistently identify, assess, and manage technology risks across all environments. Where controls are not adequate, this team escalates those concerns and assists with driving improvements to the overall control environment. To accomplish this goal, the team partners with corporate groups including the Global Privacy Office, Corporate ITRM, Audit, and the RFT Technology teams. The team also serves the business in a consultative manner, providing guidance to the business on addressing identified technology risks. As a Technology Risk Control Analyst, you will support Control Self Assessment (CSA) reviews, IT risk management oversight, facilitate remediation efforts as needed and support reporting for LOB management. Key Responsibilities: ·Assist with monitoring existing technology issues and actions and support the closure verification process ·Self-identify IT control issues and negotiate remedial actions and due dates ·Enforce compliance with Firm-wide risk reduction programs ·Assist with the quality assurance review of various control assessment programs ·Develop scorecard to help Technology Controls Team manage its internal objectives (e.g., timely completion of assessments, action plan closure status) ·Identify opportunities for process improvements to deliver increasing efficiency within assessment framework.

Desired profile

·3-5 + years of professional experience within Information Technology ·1-2 + years of IT Risk Management, Audit or Information Security experience ·Proficient risk assessment, interpretation, analytical and negotiation skills are preferred ·Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings ·Proficient technical skills, including: audit, control assessment, business analysis, change management, IT Risk Management, operation systems and data sources knowledge, performance metrics and reporting, technical problem resolution, project management, and vendor management. ·Knowledge of current regulatory impact and expectations on technology per Sarbanes Oxley, Gramm-Leach Bliley Act, Frank-Dodd, Basel and other regulations affecting Risk and Finance. ·CRISC, CISSP or CISM/CISA certifications a plus ·BA/BS Degree or Equivalent Experience ·Good working knowledge within the following risk domains/technologies: ·Database and application security ·Access Administration ·Infrastructure security / technologies ·Security Event Logging & Monitoring ·Database/Application/Network Layer Secure Protocols ·Physical and Environmental Security ·Secure Software/Code Development ·Change Management ·Vulnerability Management ·Disaster Recovery ·Encryption