Technology Audit Manager - Vice President

About The Position

Requirements

• 7+ years of internal or external auditing experience
• Bachelor's degree in Technology, Accounting, Finance, or a related discipline.
• Great understanding of audit methodologies, internal control concepts, and the ability to evaluate and determine the adequacy of control design and operating effectiveness.
• Experience in managing and evaluating security controls, with proficiency in the Information Systems Auditing Process and key areas such as Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Security Operations, and Cyber Resiliency.
• Advanced data analytical skills, adept at interpreting complex data sets and deriving meaningful insights.
• Good strategic thinking skills, with the ability to align audit activities with the organization's strategic objectives and cybersecurity goals.
• Knowledge of IT and Cloud management and control frameworks.
• Experience in a highly formal audit environment, including preparation of formal test of design and test of effectiveness work-papers.
• Certification in one or more of the following audit or security focus areas: CISA, CISSP, SANS, or expertise in cloud platforms such as AWS, Azure, or Google Cloud.
• Excellent verbal and written communication skills, with the ability to effectively communicate complex security concepts to stakeholders at all levels.

Nice To Haves

• Related professional certification such as CIA, CPA, or CRISC is advantageous.
• Familiarity with coding, data analytics, cybersecurity controls, cloud design and controls, and/or distributed technologies is a plus.
• Experience navigating matrixed organizations and interfacing with regulatory agencies is beneficial.
• Experience leading and providing feedback to staff on audit projects or engagements is desirable.
• Experience with Issue Validation and Remediation is preferred.
• In-depth knowledge of financial regulations and compliance requirements related to cybersecurity, such as GDPR, PCI-DSS, SOX, and FFIEC guidelines, is a plus.

Responsibilities

• Lead and execute large-scale audits or projects independently, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management. Develop effective test plans and perform audit testing to ensure timeliness, accuracy, and quality.
• Identify and assess key risks and controls, executing and documenting work in accordance with JPMorgan & Chase's Internal Audit policy. Design and execute tests to verify control effectiveness to mitigate risk.
• Demonstrate professional skepticism while conducting audits, independently raising findings within established criteria, and keeping management and leadership informed throughout the process.
• Establish and maintain strong client relations during engagements, effectively communicating results to management via written reports and oral presentations. Prepare clear, organized documentation to support work performed.
• Lead continuous improvement by providing objective evaluations of technology processes, enhancing the organization's risk management capabilities, and developing business partnerships within Internal Audit and companywide.
• Adapt to change, embrace bold ideas, and leverage data analytics to enhance audit effectiveness.
• Stay informed about emerging cybersecurity technologies and trends, assessing their impact on the organization's risk landscape.
• Collaborate with IT, security, and business units to ensure a comprehensive approach to cybersecurity risk management.
• Lead and mentor audit teams, fostering a culture of continuous learning and improvement.