Cybersecurity Risk & Control Analyst - Onsite Interview

Role: Cybersecurity Risk & Control Analyst

Location: Houston, TX

Duration: Longterm

Mode of interview: 1 Video & 1 in person

Risk Mitigation

Work with engineering team to maintain a robust controls framework for the Kinexys technology organization. Partner with Cyber Technology and Controls, TRC and application owners to execute on controls agenda inclusive of remediating CORE issues/action plans, breaks, risk assessments, controls testing and evidencing. Collaborate with risk and controls SMEs to build processes, policies, procedures and programs to close control gaps identified during annual assessments and/or during BAU project development. Keep abreast of regulatory changes and potential impact to controls environment. Partner with Business Controls to build taxonomy and maintain repository of artifacts/evidence. Build and maintain fundamental understanding of JPM Technology control standards

Qualifications

5 years financial services industry experience including Risk/Control and Technology roles.

Demonstrated solid understanding of technology fundamentals and evolving/emerging technologies inclusive of Information Security Architectures and Controls, CI/CD, SDLC, APIs, AWS Cloud platforms, Distributed Ledger Technologies and Architectures such as Blockchain, DevOps, Enterprise Production Operations

Knowledge and hands on experience with Cloud (AWS) and Azure AD environment Prior work experience or familiarity with JPMorgan internal systems (Archer, CORE, SEAL, AOS, 4Site, DNA, DFR) a plus.

Strong familiarity with risk measurements and information security standards.

Demonstrated solid understanding of Wholesale Payments products.

Proven track record working in new/emerging businesses with ambiguity and fluid priorities.

Proven track record of initiating policy and control improvements and driving programs and that enhance transparency, governance, or control.

Excellent technical writing capability and oral executive-level communications skills.

Demonstrable skill to tailor complex regulatory issues into effective messages. Highly motivated, well-organized self-starter with exceptional judgment and strong analytical, advisory, communication, and project management skills.

Demonstrated leadership skills. Ability to influence others.

Strong team player with ability to work closely with multiple constituents.

Ability to anticipate and understand complex regulator and stakeholder requirements.

Ability to manage multiple work streams with varied stakeholders simultaneously.

Ability and confidence to engage all levels of management.

Ability to maintain sound judgement under pressure when faced with imperfect information.

Proficient in Excel, PowerPoint, MS Word, and other Office applications.

Experience using JIRA, Confluence and Sharepoint collaboration tools. Experience and comfort working in an Agile environment.

Strong process and project management orientation. Certification: CISA, CRISC, CISSP or other security certification preferred