Compliance and Operational Risk Technology Testing Specialist Associate

Shanghai - China

Monthly Salary: Not Disclosed

Posted on: 24 days ago

Vacancies: 1 Vacancy

Job Summary

Description

As a Compliance and Operational Risk Technology Testing Specialistwithin the Testing Center of Excellence in China you will shape the risk-based testing strategy on technology controls across business lines and own end-to-end planning and execution of technology compliance and operational risk this role you will operate in the first line of defence leading risk-based technology control testing across critical platforms and services to ensure controls are well-designed and operating effectively. You will partner closely with Technology Cybersecurity Risk Compliance and business stakeholders. You will utilize advanced analytical thinking sound judgment and strong stakeholder management to influence outcomes communicate results to senior leaders and regulators and continuously enhance our testing methodology.

If youre passionate about strengthening technology controls and reducing operational and cyber risk in a leading global financial institution this role is for you.

Job responsibilities

Lead the development and execution of a risk-based operational risk and compliance testing plan covering core technology controls across various technology governance risk and control domains e.g. identity and access management privileged access change and release management SDLC infrastructure operations disaster recovery configuration management vulnerability and patch management asset management network and endpoint security logging and monitoring and cloud services.
Scope and plan testing engagements: perform walkthroughs define test scripts and sampling identify control points and dependencies and align scope with risk assessments and regulatory obligations.
Evaluate control design and operating effectiveness and determine results with clear supportable conclusions identify control coverage gaps and recommend pragmatic enhancements.
Document high-quality process flows control narratives test plans and evidence packages.
Raise issues with well-defined risk statements root cause analysis and actionable time-bound remediation plans.
Produce timely accurate testing reports and metrics for governance forums. Present interim observations and final results to technology and business leaders.

Required qualifications capabilities and skills

Bachelors degree in Technology or related field.
Business level proficiency in Chinese(Mandarin) and English both written and verbal.
At least 7 years experience in technology control testing or technology audit or in technology risk and control management within complex regulated environments.
Business level proficiency in Chinese (Mandarin) and English both written and verbal.
Professional certifications such as CISA CISSP CISM CRISC CCSP or equivalent technology credentials.
Strong understanding of technology governance risk and control concepts with proven ability to assess both control design and operating effectiveness in an integrated businesstechnology context.
Knowledge across core Technology and Cyber domains such as architecture identity and access management vulnerability management cloud security application security data protection and incident management.
Understanding of emerging technologies and related risks.
Proficiency with productivity and collaboration tools (Excel Word PowerPoint) and familiarity with testing-enabling tools (e.g. Jira/Confluence ServiceNow or Archer GRC Splunk Qualys/Tenable).
Hands-on experience with data analytics and automation tools (e.g. SQL Python Alteryx Power BI Tableau) to increase testing efficiency and coverage.
Demonstrated proficiency in analytical thinking with a track record of systematically organizing comparing and evaluating various aspects of a situation to identify key information.
Excellent written verbal and presentation skills and ability to translate complex technical issues into clear concise and actionable messages for senior stakeholders.
Excellent stakeholder management with the ability to influence outcomes and navigate challenging discussions with senior audiences.
Able to collaborate with engineering product cyber and business teams to achieve testing outcomes while maintaining objectivity and independent judgement.
Demonstrated ability to manage multiple engagements deliver to deadlines and adapt to changing priorities in a dynamic environment.
Strong time management and organization. Ability to plan prioritize and coordinate across multiple concurrent engagements.

Required Experience:

DescriptionAs a Compliance and Operational Risk Technology Testing Specialistwithin the Testing Center of Excellence in China you will shape the risk-based testing strategy on technology controls across business lines and own end-to-end planning and execution of technology compliance and operational...

Description

If youre passionate about strengthening technology controls and reducing operational and cyber risk in a leading global financial institution this role is for you.

Job responsibilities

Lead the development and execution of a risk-based operational risk and compliance testing plan covering core technology controls across various technology governance risk and control domains e.g. identity and access management privileged access change and release management SDLC infrastructure operations disaster recovery configuration management vulnerability and patch management asset management network and endpoint security logging and monitoring and cloud services.
Scope and plan testing engagements: perform walkthroughs define test scripts and sampling identify control points and dependencies and align scope with risk assessments and regulatory obligations.
Evaluate control design and operating effectiveness and determine results with clear supportable conclusions identify control coverage gaps and recommend pragmatic enhancements.
Document high-quality process flows control narratives test plans and evidence packages.
Raise issues with well-defined risk statements root cause analysis and actionable time-bound remediation plans.
Produce timely accurate testing reports and metrics for governance forums. Present interim observations and final results to technology and business leaders.

Required qualifications capabilities and skills

Bachelors degree in Technology or related field.
Business level proficiency in Chinese(Mandarin) and English both written and verbal.
At least 7 years experience in technology control testing or technology audit or in technology risk and control management within complex regulated environments.
Business level proficiency in Chinese (Mandarin) and English both written and verbal.
Professional certifications such as CISA CISSP CISM CRISC CCSP or equivalent technology credentials.
Strong understanding of technology governance risk and control concepts with proven ability to assess both control design and operating effectiveness in an integrated businesstechnology context.
Knowledge across core Technology and Cyber domains such as architecture identity and access management vulnerability management cloud security application security data protection and incident management.
Understanding of emerging technologies and related risks.
Proficiency with productivity and collaboration tools (Excel Word PowerPoint) and familiarity with testing-enabling tools (e.g. Jira/Confluence ServiceNow or Archer GRC Splunk Qualys/Tenable).
Hands-on experience with data analytics and automation tools (e.g. SQL Python Alteryx Power BI Tableau) to increase testing efficiency and coverage.
Demonstrated proficiency in analytical thinking with a track record of systematically organizing comparing and evaluating various aspects of a situation to identify key information.
Excellent written verbal and presentation skills and ability to translate complex technical issues into clear concise and actionable messages for senior stakeholders.
Excellent stakeholder management with the ability to influence outcomes and navigate challenging discussions with senior audiences.
Able to collaborate with engineering product cyber and business teams to achieve testing outcomes while maintaining objectivity and independent judgement.
Demonstrated ability to manage multiple engagements deliver to deadlines and adapt to changing priorities in a dynamic environment.
Strong time management and organization. Ability to plan prioritize and coordinate across multiple concurrent engagements.

Required Experience:

Key Skills

Computer Science
Operational Risk Management
Risk Management
Six Sigma
Continuous Improvement
Lean
Process Improvement
Pricing
Customer Support
Alteryx
Kaizen
Project Management Lifecycle

Apply Now

About Company

JPMorganChase

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans ov ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click