Enterprise Tech Audit Associate

Job Description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. JPMorgan Chase & Co. is committed to providing a comprehensive set of benefits choices to meet different employee needs and lifestyles, which include choices such as fully paid parental leave time, health care insurance and retirement benefits. JPMorgan Chase Internal Audit is an independent function accountable to the Audit and Examining Committee of the Board of Directors, the Office of the Chairman, senior management and our global and local regulators. Internal Audit is comprised of more than 1,000 auditors, located in key locations across the globe, and is responsible for assessing the adequacy of the control environments across the firms lines of business.The Enterprise Technology Audit Team (eg Global Technology Infrastructure, Cybersecurity & Technology controls, Chief Technology Office and Corporate Technology) is responsible for assessing the adequacy of the control environments across all of the respective technology/cybersecurity functions. This is achieved through a program of audit coverage, which is performed and managed by a global team of technology audit specialists. The role is for an experienced IT audit professional who would be based out of India (open to Mumbai or Bangalore) and will report locally into Audit Director in India and functionally to Audit Director onshore JPMorgan Chase Internal Audit seeks Auditor, Associate to participate on audit engagements to evaluate, test and report on audit findings to improve the design and effectiveness of key controls. Responsibilities:
• Work closely with business and technology audit colleagues to ensure that key risks are identified and assessed in the program of audit coverage.
• Assist in all aspects of audits including risk assessments, audit planning, audit testing, control evaluation, documentation, report drafting and follow up and verification of issue closure.
• Perform audit work in accordance with department and professional standards, and complete assignments in an efficient manner (timely and within budget)
• Attention to detail to ensure accuracy and completeness of audit coverage.
• Write audit work papers and reports with minimal intervention by the Audit manager.
• Partner with colleagues, stakeholders and control community members to evaluate, test and report on the adequacy and effectiveness of management controls with appropriate recommendations for improvement. This may be delivered through specific audit reviews or through ongoing involvement in major activities or projects, with strong working relationships while maintaining independence.
• Take ownership of self-development, including stretch assignments, to prepare for greater responsibilities and career growth and takes initiative to seek out opportunity for continued learning.
• Understand and embrace the firm s mission and How We Do Business Principles.
Qualifications:
• Bachelor s degree ( or relevant financial services experience ) required with at least 3+ years of internal or external technology auditing experience (Cybersecurity and Technology background a plus).
• Must have experience with core cybersecurity operations and one or more cyber security tools/process areas (e.g. network security, end point security, email security, cloud security, attack simulation, cyber threat modelling etc.)
• Must have demonstrated knowledge of technology processes, such as change management, security operations, technology operations, and business resiliency, as well as application and infrastructure controls.
• Professional certification (e.g. CISA, CISM, CISSP, CEH, GIAC etc.) or willingness to pursue required.
• Knowledge of technology controls, infrastructure technology, technology governance and assessments, various infrastructure tools & platforms.
• Extensive knowledge of system development life cycle concepts with an ability to quickly learn a complex, distributed computing environment.
• Ability to multitask and execute audit activities with minimal supervision .
• Strong analytical skills particularly in regard to assessing the probability and impact of an internal control weakness.
• Proficiency in risk analysis and report preparation.
• Proven ability and desire to learn quickly, be flexible and think strategically. Ability to lead audits and manage participating team members.
• Proven ability to be able to multi task, complete projects on time and on budget, and adjust to changing priorities.
• Ability to build strong partnerships across the technology and business teams.
• Excellent verbal and written communication skills.
• Enthusiastic, self-motivated, effective under pressure and willing to take personal responsibility/accountability.
,

Keyskills :
life cycleinternal auditit auditcyber securitychange managementboard of directors