Information Security Risk Assessor
4 months ago
**JOB DESCRIPTION**
You’re ready to gain the skills and experience needed to grow within your role and advance your career
**Job Summary**:
As an Information Security Risk Assessor with GT Controls Office Team, your primary responsibility will be to support firm wide technology and regulatory assessments, conduct various assessments/controls testing and communicate test results with the appropriate stakeholders. As part of central execution team member, you will play an important role in engaging with respective Assessments Leads/ Technology Control Officers for business areas to assess risk and with respective technology and business partners. You will have an eye for detail and an ability to see big picture and recognize need to assess control issues more broadly and across groups. You will also support the Annual Asset (Application/Infrastructure) Risk Assessment, working with Application Development teams to provide oversight of the controls and suitable remediation plans, as required.
**Job responsibilities**
- Understanding of basic controls across various Technology domains like Identity and Access Management, Security Operations and Configuration, Data Management, Technology Resiliency etc.
- Support the Control Testing program including controls design review and perform testing of the evidence submitted to validate it justifies control operating effectiveness.
- Assist with the annual firm wide SOX / CCAP program, testing the evidence of the controls and identifying any significant control deficiencies, working with the appropriate Assessment leads/ Technology Control Officer to identify appropriate remediation to improve the controls as necessary.
- Assist in Asset (Applications/Infrastructure) Risk Assessment process that aims to gather risk specific information about an asset. Work with technology teams to walk through, gather control design requirements facilitate discussions and bring to closure control issues.
- Advise Lines of Business (LOBs), based on the testing their results to ensure they are in compliance with the Firm's guidelines. Communicate issues and evaluate issues/findings and best practices with the rest of the team and manager.
- Perform Quality Control reviews of control testing working papers. Participate in additional key control projects related to enhancement of the Compliance and other assessment programs.
- Support internal education and best practices sharing with peers and colleagues, as well as information security education & awareness, as needed.
**Required qualifications, capabilities, and skills**
- Bachelor's degree preferably in Computer Science or Information Technology with 7+ years of applied technology risk management experience
- Have a strong background in Auditing, understanding of technology controls
- Experience in Applications assessment and control testing.
- Be detail oriented with ability to evaluate processes, controls, and issues to determine the risks.
- Have an ability to maintain high standards with a drive to achieve the right answer in difficult and/or ever-changing situations.
- Can work independently, collaborate within a team and is comfortable in a virtual environment.
- Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings with internal management, external/ internal audit, and peer groups.
**Preferred qualifications, capabilities, and skills**
- Strong interpersonal skills - verbal communications, written communications, and a good track record of collaboration.
- Proficient in MS Office - Microsoft Word, Excel, Access, and PowerPoint.
- CISA, CISSP, CISM, CRISC certification will be an added advantage.
**ABOUT US**
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
**ABOUT THE TEAM**
The Cybersecurity & Technology Controls group at JPMorga
-
Information Security Risk Assessor
4 months ago
Bengaluru, India eliterecruitments Full time**Information Security Risk Assessor (ISRA)**: We are looking for an Information Security Risk Assessor (ISRA) to join our client’s team. In this role, you will play a crucial part in securing our projects by design through the delivery of Information Security Assurance Plans based on ISO Risk Management principles. **Location -...
-
Security Assessor
3 months ago
Bengaluru, Karnataka, India Fime Full timeWe are looking for an experienced security assessor to support on security issues and risks identification based on smart card personalization security process like PCI related requirements by conducting onsite audits in the sites. This position requires travelling to the vendor site premises in and out of India. Responsibilites Conducting security audits...
-
Cybersecurity Third-party Risk Assessor
1 month ago
Bengaluru, Karnataka, India Hewlett Packard Full timeAs the world around us becomes more connected and digital, cybersecurity attacks increase opportunities for fraud and disruption. In this constantly changing landscape, the need for companies, products, and services to be secure is more important than ever. Are you passionate about keeping good people safe from bad actors? We are, too! We are HP...
-
Information Security Assessor
4 months ago
Bengaluru, India JPMorgan Chase & Co Full time**JOB DESCRIPTION** You’re ready to gain the skills and experience needed to grow within your role and advance your career **Job Summary**: The scope of work includes control assessments for the various programs covering Financial (SOX, CCAP etc.), Payment Card (PCI), Cyber, Privacy (GLBA, GDPR etc.), Application (ARA) and Infrastructure (ICA) across both...
-
Information Security Risk Analyst
4 months ago
Bengaluru, India Take-Two Interactive Software Full timeAbout the Position Job Title: Information Security Risk Analyst Who We Are: Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. For more than 25 years, our development teams have created some of the most critically acclaimed and commercially...
-
Security Assessor
3 weeks ago
Bengaluru, India Fime Full timeFime enables its clients to create and launch trusted and secure solutions with consulting and testing services in payments, smart mobility, biometrics, authentication and open banking. With 800+ experts around the world in 24 locations across Europe, the Middle-East, Americas and Asia, Fime is immersed as a multi-cultural environment. Inspired by the...
-
Security Assessor
4 weeks ago
Bengaluru, India Fime Full timeFime enables its clients to create and launch trusted and secure solutions with consulting and testing services in payments, smart mobility, biometrics, authentication and open banking. With 800+ experts around the world in 24 locations across Europe, the Middle-East, Americas and Asia, Fime is immersed as a multi-cultural environment.Inspired by the...
-
Itss-security Consultant-humjp00023689
2 weeks ago
Bengaluru, India NTT DATA Full timeDescription: The Third Party Cybersecurity Risk Manager 2 will conduct cyber security risk assessments on Third Parties to Humana or its subsidiaries using a pre-defined security questionnaire. The role will be responsible for evaluating vendor responses, supporting documentation and evidence, identifying potential risk, reporting, and presenting the review...
-
Itss-security Consultant-humjp00023689
2 weeks ago
Bengaluru, India Hashmap Full timeDescription: The Third Party Cybersecurity Risk Manager 2 will conduct cyber security risk assessments on Third Parties to Humana or its subsidiaries using a pre-defined security questionnaire. The role will be responsible for evaluating vendor responses, supporting documentation and evidence, identifying potential risk, reporting, and presenting the review...
-
Team Lead- Information Security Risk Management
4 months ago
Bengaluru, India Take-Two Interactive Software Full timeAbout the Position Job Title: Team Lead- Information Security Risk Management Who We Are: Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. For more than 25 years, our development teams have created some of the most critically acclaimed and...
-
Lead- Information security, Risk and Compliance
4 months ago
Bengaluru, India Whatfix Full timePosition Summary: The Security Compliance Specialist is responsible for managing all compliance related activities within the Whatfix platform and supporting other global compliance related initiatives. Compliance activities will include coordinating internal and external assessments/audits, contributing to policy and standards updates, developing...
-
Information Security Officer
5 days ago
Bengaluru, India Karbon Business Full timeJob Role: Information Security OfficerJob DescriptionPosition Summary:The Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Head of IS responds to incidents, establishes appropriate standards and controls,...
-
Architect-Information Security
2 weeks ago
Bengaluru, India Altisource Full timeJob DescriptionWe are looking for dynamic leader with over 6+ years of experience in Information Security and Security Operation Centre. Expertise in network security, data security, endpoint security. Skilled in conducting security risk and gap assessments.IT Infrastructure and application architecture design security risk assessment, data flow security...
-
Information Security Officer
6 days ago
Bengaluru, India Karbon Business Full timeJob Role: Information Security OfficerJob DescriptionPosition Summary:TheInformation Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Head of IS responds to incidents, establishes appropriate standards and controls, manages...
-
Information Security Officer
2 weeks ago
Bengaluru, India Titan Company Limited Full timeDepartment: Information Systems (IS)Reports To: GRCP LeadTitan Company Ltd is seeking a proactive and skilled Business Information Security Officer (BISO) to join our dynamic Information Systems team. The BISO will play a pivotal role in managing information security risks and aligning security controls with business needs. You’ll work closely with our...
-
Information Security Officer
2 weeks ago
Bengaluru, India Titan Company Limited Full timeDepartment: Information Systems (IS)Reports To: GRCP LeadTitan Company Ltd is seeking a proactive and skilled Business Information Security Officer (BISO) to join our dynamic Information Systems team. The BISO will play a pivotal role in managing information security risks and aligning security controls with business needs. You’ll work closely with our...
-
Architect-Information Security
2 weeks ago
Bengaluru, India Altisource Full timeJob Description We are looking for dynamic leader with over 6+ years of experience in Information Security and Security Operation Centre. Expertise in network security, data security, endpoint security. Skilled in conducting security risk and gap assessments. IT Infrastructure and application architecture design security risk assessment, data flow...
-
Information Security Officer
7 days ago
Bengaluru, India Karbon Business Full timeJob Role: Information Security Officer Job Description Position Summary: The Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Head of IS responds to incidents, establishes appropriate standards and...
-
Information Security Officer
7 days ago
Bengaluru, India Karbon Business Full timeJob Role: Information Security Officer Job Description Position Summary: The Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Head of IS responds to incidents, establishes appropriate standards and...
-
Information Security Officer
6 days ago
Bengaluru, India Karbon Business Full timeJob Role: Information Security Officer Job Description Position Summary: The Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Head of IS responds to incidents, establishes appropriate standards and controls,...
