Senior Internal Audit Associate - Cybersecurity

Location: Columbus, OH, United States

Job Family: Auditing

About the Role

At JP Morgan Chase, we are a leading global financial services firm with operations spanning investment banking, consumer and community banking, commercial banking, and asset and wealth management. Our Internal Audit team plays a critical role in safeguarding the firm by providing independent assurance on the effectiveness of our risk management, control, and governance processes. As a Senior Internal Audit Associate - Cybersecurity in our Columbus, OH location, you will join a dynamic team dedicated to auditing the cybersecurity posture of one of the world's largest banks. This role involves planning, executing, and documenting audits that enhance our internal controls, ensuring we mitigate cyber risks in a highly regulated financial environment. You will collaborate with global teams to address threats like data breaches, ransomware, and compliance with standards such as SOX and NIST, contributing to the firm's resilience against evolving digital challenges. In this position, you will lead audit engagements focused on cybersecurity domains including network security, identity management, and incident response within JP Morgan Chase's vast infrastructure. Your work will involve developing risk-based audit plans, performing detailed testing of controls, and analyzing findings to recommend actionable improvements that protect client data and financial assets. You will partner closely with cybersecurity experts, business leaders, and compliance officers across regions, fostering a culture of proactive risk management. By leveraging tools for data analytics and staying abreast of industry trends like cloud security and AI in fraud detection, you will help strengthen our defenses in an era of increasing cyber threats to the financial sector. We value professionals who bring technical expertise and a commitment to integrity, offering opportunities for career growth in a supportive environment. This role not only demands strong analytical skills but also the ability to communicate complex findings to non-technical stakeholders, influencing decisions at the executive level. Join JP Morgan Chase to make a meaningful impact on global finance while advancing your career in cybersecurity auditing.

Key Responsibilities

• Plan and execute cybersecurity audits across JP Morgan Chase's global operations, focusing on risk identification and control effectiveness
• Develop detailed audit programs and testing procedures aligned with internal audit standards and financial regulations
• Collaborate with cybersecurity teams, IT operations, and business units to evaluate and strengthen internal controls
• Document audit findings, prepare comprehensive reports, and recommend remediation actions for senior leadership
• Perform data analysis using audit tools to detect vulnerabilities in financial systems and networks
• Monitor compliance with cybersecurity policies and contribute to the continuous improvement of audit processes
• Engage in global audit projects, providing insights on industry best practices in financial services
• Support the annual audit planning process by assessing emerging cybersecurity threats in the banking sector
• Facilitate training sessions on audit methodologies for junior team members
• Liaise with external regulators and third-party auditors to ensure alignment with JP Morgan Chase's risk management framework

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of 3-5 years of experience in internal auditing, with a focus on cybersecurity or IT audit in the financial services industry
• Professional certification such as Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM)
• Strong understanding of regulatory requirements including SOX, GDPR, and financial industry standards like FFIEC and NIST frameworks
• Proven experience in assessing cybersecurity risks, controls, and compliance in a banking environment
• Ability to travel up to 20% for global audit engagements
• Excellent written and verbal communication skills for reporting to senior management

Preferred Qualifications

• Advanced degree (Master's) in Cybersecurity or related field
• Experience auditing cybersecurity in a large financial institution like JP Morgan Chase
• Knowledge of emerging technologies such as cloud security, AI-driven threat detection, and blockchain in finance
• Familiarity with JP Morgan Chase's internal audit methodologies and tools
• Previous experience in global audit teams with cross-border regulatory exposure

Required Skills

• Cybersecurity auditing and risk assessment
• Knowledge of IT controls and frameworks (e.g., COBIT, NIST)
• Regulatory compliance in financial services
• Audit planning and execution
• Data analytics and visualization tools (e.g., ACL, Tableau)
• Report writing and presentation skills
• Collaboration and stakeholder management
• Problem-solving and critical thinking
• Understanding of financial systems and banking operations
• Threat modeling and vulnerability assessment
• Project management in audit environments
• Attention to detail and ethical judgment
• Adaptability to evolving cybersecurity threats
• Global teamwork and cultural sensitivity
• Proficiency in Microsoft Office Suite and audit software

Benefits

• Competitive base salary and performance-based annual bonuses
• Comprehensive health, dental, and vision insurance plans
• 401(k) retirement savings plan with generous company matching
• Paid time off including vacation, sick days, and parental leave
• Professional development opportunities with tuition reimbursement and certification support
• Employee stock purchase plan and financial wellness programs
• On-site fitness centers and wellness initiatives at Columbus campus
• Flexible work arrangements including hybrid options for work-life balance

JP Morgan Chase is an equal opportunity employer.