As a Vice President - Information Security Management at JP Morgan Chase within Cybersecurity & Technology Controls organization, this role calls for a strong manager with experience leading performance of controls attestation (SOC1, SOC2, SOX) engagements and understanding of SOC-Attest readiness, scoping and execution and issue management processes. The selected candidate will support the operations of the SOC Controls Attestation teams, facilitating efficient team operations across audit and regulatory exam scopes, driving resolution of concerns, to ensure the ability to meet the demands of internal and external clients across all lines of business. This role includes oversight of SOC administrative and financial activities, creation-maintenance of procedural documentation, operations status monitoring, and driving continuous process improvement. The role requires ongoing interactions with Controls Attestation Leads and teams, key CTC-technology stakeholders, SOC owners, and effective status reports to ensure a no surprises environment. Successful execution of responsibilities requires a candidate who is highly organized, with strong process management, analytical, documentation, and presentation-communication skills.
Job Responsibilities:
- Coordinate with Cyber and Tech Controls (CTC) Controls Attestation teams, x-LOB technology management, Finance & Business Management, and other key stakeholders to:
- Drive consistency in execution, and enhancements to controls-attest operations
- Communication to key stakeholders to ensure a no surprises environment, and facilitate development, maintenance and delivery of consistent and meaningful reporting and metrics
- Improve team tools, processes and best practices, identifying potential problems and points of friction and working to find solutions in order to maximize efficiency
- Oversee remedial work streams, assessing effectiveness of proposed solutions and driving timely and effective solutions
- Driving, developing, maintaining high quality process documentation, status reporting, and presentations
- Develop educational / guidance resources for use by CTC personnel
- People leadership, including performance management and development
Required, qualifications and/or skills:
- Formal training or certification on information security management* concepts and 5+ years applied experience with solid knowledge of controls attestation processes
- Minimum of three years of Manager level experience as Consulting firm practitioner (”Big Four” experience a definite plus), performing IT Controls audits, including experience leading planning and execution of SOC and/or SOX audits
- Strong organizational-leadership skills, with proven ability to deliver quality results in a deadline-driven environment
- Detail oriented, quality-focused; with strong documentation and reporting skills
- Confidence and self-assurance, including ability to reach across the firm to engage appropriate management, set agendas, lead calls with senior management and drive actions to meet program objectives
- A problem solver with proven ability to evaluate processes, controls, identify weaknesses and potential solutions
- Ability to work effectively in a global team environment and drive results in a matrixes organization
- A strong sense of ownership, commitment to quality and attention to detail
- Excellent interpersonal skills - verbal communications, written communications, and track record of collaboration
- Intellectual rigor, emotional intelligence, high energy and a passion for the delivery of high quality project outcomes
- MS Office applications (PowerPoint, Excel, Word)