Tech Risk and Controls Lead

Are you ready to make a real impact in technology risk management? At JPMorgan Chase, you will help shape the future of operational excellence and drive innovation in risk controls. You'll have the opportunity to grow your career, collaborate with talented professionals, and contribute to a culture that values your expertise. Join us and use your skills to protect our business and empower our teams. Your leadership will help us stay ahead in a dynamic risk landscape.

Job Summary:
As a Tech Risk and Controls Lead in our Cybersecurity and Technology Controls team, you will play a key role in identifying and mitigating compliance and operational risks. You will work within a collaborative team, partnering with Product Owners, Business Control Managers, and regulators to provide a comprehensive view of technology risk posture. You will use your advanced knowledge to drive innovative solutions and support a diverse team. Together, we focus on upholding operational excellence and fostering a culture of continuous improvement.

• Ensure effective identification, quantification, communication, and management of technology risk, focusing on root-cause analysis and resolution recommendations.
• Develop and maintain robust relationships, becoming a trusted partner with technologists, assessment teams, and data officers to facilitate cross-functional collaboration.
• Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness.
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
• Evaluate regulatory changes relating to cybersecurity and technology impacting the firm.

• 5 years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation.
• Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements, such as the Digital Operational Resilience Act (DORA).
• Proficient knowledge in data security, risk assessment and reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies.
• Ability to influence executive-level strategic decision-making and translate technology insights into business strategies for senior executives.

• CISM, CRISC, CISSP, or similar industry-recognized risk certifications.