Information Security Manager - SOC1 - SOC2 Attestation Management

Company: JPMorgan Chase & Co.
Location: Jersey City
Posted on: March 4, 2025

Job Description:

Our Information Security Management (ISM) professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm.Responsibilities include:

• Offering guidance, best practices, and support across businesses.
• Leading risk reviews and vulnerability assessments.
• Identifying threats and communicating with senior leaders and other stakeholders.
• Managing budgets.
• Coordination with key stakeholders -- including external and internal auditors, technology and operations management, control owners, lines of business, various risk functions, operations and program governance teams.
• Obtaining early visibility into potential changes to program scope, facilitating readiness.
• Leading proactive readiness-assessments (platforms, tools, applications) to ensure controls are suitably designed and placed in operation, and that appropriate governance is in place to avoid impacts to external audits.
• Overseeing remedial workstreams, assessing effectiveness of proposed solutions and driving timely and effective solutions to control issues potentially impactful to programs.
• Identifying and leading x-LOB teams in identifying appropriate response to external auditors with respect to potential and confirmed control exceptions, including identification of relevant compensating controls for deficiencies.
• Partnering with internal business owners, O&C and external auditors to meet client and/or regulatory requirements; taking the lead in report development and readiness.
• Ensuring quality standards are achieved in development and maintenance of program documentation.
• Communicating to key stakeholders to ensure a no surprises environment, and facilitating development, maintenance and delivery of consistent and meaningful reporting and metrics.
• Timely reporting on program status to senior management stakeholders.
• Developing educational/guidance resources for use by Technology Risk & Controls and Technology personnel.
• People leadership, including performance management and development.Key Skills / Qualifications
  • Minimum of two years of experience as Consulting firm practitioner ("Big Four" experience a definite plus), performing IT Controls attestation audits, including experience leading planning and execution of SOC and/or SOX audits.
  • 6+ years' experience dedicated to planning and leading execution of controls attestation engagements.
  • Exceptional issue management and exceptions analysis skills.
  • Solid knowledge of auditing of IT general computer controls and application controls.
  • Strong program management and problem solving skills, with proven ability to deliver quality results in a deadline-driven environment.
  • Confidence and self-assurance in interactions with external auditors and ability to reach across the firm to engage appropriate management, set agendas, lead calls with senior management and drive actions to meet program objectives.
  • Excellent verbal and written communication skills.
  • Detail-oriented, quality-focused manager; with strong documentation and reporting skills.
  • Excellent interpersonal skills, collaborative mindset; ability to develop strong relationships with stakeholders.
  • Ability to work effectively in a global team environment and drive results in a matrixed organization.
  • Strong sense of ownership, commitment to quality and attention to detail.
  • Intellectual rigor, emotional intelligence, high energy and a passion for the delivery of high-quality project outcomes.
    #J-18808-Ljbffr

Keywords: JPMorgan Chase & Co., Jersey City , Information Security Manager - SOC1 - SOC2 Attestation Management, Executive , Jersey City, New Jersey