Compliance, Conduct and Operational Risk – Tech & Cyber– Associate
CCOR Technology & Cybersecurity (“CCOR T&C”) is a group within the Compliance, Conduct and Operational Risk (CCOR) organization is responsible for the design and oversight of the second line of defense independent risk management program for technology and cybersecurity risks, leveraging the Operational Risk Framework, regulatory guidance (e.g., FFIEC, Heightened Standards, etc.) and laws, rules, and regulations.
The team is seeking a high performing Associate position based out of our Bangalore office in JPMorgan Towers. The role will be responsible for supporting a broad range of data activities supporting independent oversight of first line of defense’s (1LOD) technology and cybersecurity risk management practices. You will work with professionals who oversee the 1LOD GRC team’s delivery of risk & controls framework, control integration & assessment, risk treatment & analytics, and governance and reporting practices. You will need to have strong understanding of technology and cyber resiliency risks, the integration of business, technology and third party resiliency, providing effective assessment and challenge, and informed consultation. Additionally, you will need to be a strong self-starter, with intellectual curiosity, who can independently identify, assess, and monitor risks and the associated mitigating technology controls using a consistent, logical approach to assess the 1LOD technology resiliency operational environment as well as prepare/deliver written/verbal communications on risk and control assessment results to technical/non-technical audiences through senior levels within the firm.
Job Responsibilities
- Data Pipeline Development : Develop and manage ETL processes to ingest and process Tech Risk and controls, SEIM data from various sources ( e.g. configurations, logs, alerts, threat intelligence feeds).
- Data Integration : Ensure seamless integration of Risk & Controls data with firmwide tools like asset inventory , controls management , Security scanning and cloud SIEM
- Database Management : Design and optimize data storage solutions tailored for operational risk, ensuring data availability and performance.
- Data Quality and Security : Implement measures for data quality, integrity, and security, adhering to compliance standards and best practices.
- Risk Detection : Collaborate with global Technology ORM teams to design data models and queries that enhance risk detection and response capabilities.
- Automation: Develop automation scripts and tools to streamline tech Risk & Controls data processing and analysis.
- Documentation: Maintain detailed documentation of data pipelines, system architecture, and security protocols.
- Bachelor's/Masters Engineering degree and 6+ years relevant experiencedata engineering or a similar role
- Proficiency with data engineering tools and languages such as SQL, Python, and data processing frameworks (e.g., Apache Kafka, Spark).
- Proven experience in data engineering or a similar role, with a focus on technology controls/ security operations preferred
- Experience with SIEM systems (e.g., Splunk, ELK stack) and security data analytics an advantage
- Knowledge of Cloud technology controls ,security operations, incident response, and threat detection methodologies an advantage
- Familiarity with regulatory compliance requirements (e.g., GDPR, CCPA, PCI-DSS) an advantage
Skills:
- Strong understanding of data pipelines, ETL processes, and database management.
- Ability to write efficient and secure data queries and scripts.
- Hands on experience of data analytics technologies in Public Cloud such as Redshift, Elastic Map Reduce, Lake Formation, Glue, Athena etc.
- Familiarity with cybersecurity principles and threat landscapes an advantage
- Excellent problem-solving skills and attention to detail.
- Strong communication and collaboration skills.
Professional Certificates:
Public Cloud Certifications like AWS/GCP/ Azure Data Engineer , Security Speciality
1:30 pm to 10:30 pm India Hours