Private Banking Technology – Information Risk Controls Manager recruitment
J.P.Morgan Private Bank is a global wealth management leader that delivers the highest quality advice, service, and capabilities to wealthy individuals and families in 36 countries around the world. The largest private bank in the U.S. and the third-largest worldwide in terms of total client assets, the Private Bank enjoys relationships with 40% of the individuals on the Forbes Billionaires list.
Our Singapore office is currently looking for creative and dynamic professionals for its Technology department. The Asia Technology department services the business at the International Private Bank for the whole Asia Pacific region.
Position summary:
The ideal candidate will be team oriented and will work closely with the Information Risk Manager and other members of the Risk and Control team, as well as local management in Asia. The qualified individual will be responsible for the day-to-day risk management functions including outside vendor reviews and pre-audit controls reviews. The candidate will exercise discretion and independent judgment on a daily basis.
Key Responsibilities:
IT Control
- Monitor the Business' compliance with the Information/Technology Control Policies; and
- Support reviews with Internal and External auditors.
General Risk Management
- Partner with technology groups to ensure completion of 'projects' to remediate identified gaps in the IT controls;
- Review IT Development initiatives to ensure compliance with the Banks' IT Control policy;
- Provide guidance to the business and technology teams on all technology issues related to policy compliance;
- Initiate and implement a proactive risk self-assessment process that is used to assess the business' compliance and reveal any potential risk exposures;
- Summarise results of the risk assessment and create actions plans to remediate risk or document compensating controls to mitigate risk;
- Partner with both Internal Auditors during reviews and External Auditors performing annual review;
- Partner with technology groups in performing product reviews, end to end security review and coordinate penetration test as applicable;
- Develop and perform training of local IT staff in IT control matters;
- Perform the role as IT representative at meetings with Regulators, and Auditors;
- Keep abreast of corporate led and current IT control thinking; and
- Developing, coordinating and facilitating the Information Technology "User" and "Vendor Management" awareness program.
Third Party Technology Compliance Program
- Maintain a comprehensive understanding the Third Party standard and interpretation of the standard to ensure compliance;
- Coordinate and perform third party reviews;
- Onboard new third parties through due diligence process;
- Monitor Data Privacy initiatives for third party compliance;
- Monitor the completion of Remediation plans by third parties; and
- Update and maintain the accuracy of the corporate third party repository.
Skills
Skills/Requirements:
- University degree in an IT-related discipline;
- 5 to 10 years of technology experience (applications or infrastructure);
- Clear and proven understanding of IT controls and how these relate to the Private Banking business;
- Eager to learn new and varied systems;
- Service focused and detailed-oriented;
- Knowledge and experience with Private Banking systems preferred;
- Good English oral and written communication skills;
- Control related experience (e.g., Risk Management, Vendor Reviews, Access Administration, Change Control, SOX or Contingency Planning); and Understanding of the Information Technology Control Policies.
Technical Skills:
- Business Analysis - Basic
- Corporate IT Audit Process - Proficient
- IT Risk Management - Proficient
- Performance Metrics and Reporting - Basic
- Technical Problem Resolution - Proficient