Apply Now    

Controls Testing Lead

Req #: 170090639_1
Location: Columbus, OH, US
Job Category: Technology
Job Description:
The Corporate Technology Risk & Controls Team is responsible for IT risk coverage for JPMorgan Chase's Corporate Technology line of business. The goal of this team is to consistently identify, assess, and manage technology risks across all environments. Where controls are not adequate, this team escalates those concerns and assists with driving improvements to the overall control environment. To accomplish this goal, the team partners with corporate groups including the Global Privacy Office, Corporate ITRM, Third Party Risk Management, Audit, and the Line of Business Technology teams. The team also serves the business in a consultative manner, providing guidance to the business on addressing identified technology risks.

As a Controls Testing Lead, you will manage the RCSA, SOX, CCAR and PCI testing programs within Corporate Technology


Key Responsibilities:
  • Manage the team of controls testers in Jersey City and Hyderabad India, working with other program and people managers across the group
  • Manage controls testing programs including scoping, achieving all milestones and working with stakeholders on scoping
  • Monitor technology issues previously identified by testing and support the closure verification process
  • Identify opportunities for process improvements to deliver increasing efficiency within the Risk & Control framework
  • BA/BS Degree or Equivalent Experience
  • 7-10 years of experience in IT, IT Risk management, audit or equivalent
  • Broad understanding of Inherent Risk and Control effectiveness to be able to communicate concisely and completely to others
  • Experience with risk assessment, interpretation, analytical and negotiation skills
  • Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings
  • Technical skills experience, including: audit, control assessment, business analysis, IT Risk Management, performance metrics and reporting, technical problem resolution, project management, and vendor management.
  • Working knowledge within the following risk domains/technologies:
SDLC Risk and Control
Database and application security
Access Administration
Security Event Logging & Monitoring
Change Management
Vulnerability Management
Disaster Recovery
  • Knowledge of current regulatory impact and expectations on technology per Sarbanes Oxley, Gramm-Leach Bliley Act, Frank-Dodd, Basel and other regulations affecting Risk and Finance.
  • CRISC, CISSP or CISM/CISA certifications a plus
Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Other Information

Apply Using LinkedIn

You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.

Submit an Updated Résumé

During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.