As part of the Global Technology Regulatory Assessments (GTRA) team, the IT SOX/CCAR Assessment Team is responsible for overseeing the execution of SOX and CCAR management assessment testing. The IT SOX/CCAR Assessment Team acts as a Subject Matter Expert on assessment design and strategy for IT general controls and automated business controls assessments for SOX and CCAR management assessment compliance. The ideal candidate will have solid experience in technology risk & controls, compliance assessment programs such as SOX or CCAR, and a proven track record in working on complex process and technology projects.
This specific role will report to the GTRA Financial Assessments product lead and partner with Global Technology teams and control owners to ensure technology-related risks in IT general controls are assessed appropriately, both internally with a central assessment execution team and externally with external auditors. A successful candidate will drive effective assessment approach and execution across IT general controls while effectively responding to strategic initiatives throughout global technology with innovative assessment approaches.
Key Responsibilities:
Oversees IT SOX and CCAR management assessments in partnership with Lines of Business SOX and CCAR team in
accordance with firm standards and methodology
Works with Business SOX teams to identify SOX and CCAP application scope and automated business controls
scope, and oversees testing of automated business controls
Provides guidance on and validation of remediation activities as it pertains to SOX and CCAR issues, ensuring
appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process
Coordinates audit engagement of controls with internal and external auditors
Develops and maintains strong business and technology relationships, becoming a trusted partner with Technology
and Finance stakeholders
Communicates risk and other control findings with key stakeholders, develop recommendations and provide accurate
metrics and management reports on a timely basis
Qualifications
Basic Qualifications: Candidates must have a minimum 5-7 years of technology risk and controls experience, risk based consulting, risk assessments, audit and regulatory activities, preferably in the SOX or CCAR regulatory area.
Deep knowledge and prior experience in auditing and assessing all domains of Technology Infrastructure and
automated business controls to meet SOX and CCAR compliance requirements
Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and
assessing an IT control environment
Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and
prioritization skills
Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization and influence
without authority
Prior experience in planning, coordination and implementation and the ability to work across teams and functions to
execute and deliver
A strong sense of ownership, commitment to quality and attention to detail
Aptitude to upskill and learn new technologies based on dynamic requirements
Preferred Skills:
Working knowledge of GRC technology & controls monitoring concepts in order to interact with technology product
owners
Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction
controls
Knowledge of process-focused methodologies for IT related activities (Change Management, Incident Management,
and SDLC)
"Big Four" IT audit experience leading planning and execution of SOC and/or SOX audits a plus
CISA or CRISC certification
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.