Technology Risk and Controls Lead - International Consumer Business

Are you ready to make a real impact in digital banking? Join our innovative team at JPMorgan Chase as we launch Chase Germany and revolutionize mobile banking. You'll be part of a diverse, collaborative environment where your ideas and expertise drive meaningful change. We offer unparalleled opportunities for career growth, skill development, and the chance to work with cutting-edge technology. Your contributions will help build the bank of the future and deliver exceptional experiences to millions of customers.

As a Technology Risk & Controls Lead in the Cybersecurity & Technology Controls team, you will analyze, consolidate, and support the production of reports on trends and metrics for a range of audiences, including management and external regulators. You will articulate cyber and technology risks, working closely with technical and non-technical control owners to drive actionable remediation. In this role, you will collaborate with stakeholders in a dynamic technical environment, helping to shape the future of digital banking in Germany. You will have the opportunity to grow your expertise and make a significant impact on our team and customers.

Job responsibilities

• Lead and mature cyber risk management activities across consumer banking products, providing thought leadership and guidance.
• Ensure technology risk is identified, quantified, communicated, and managed, including root cause analysis and recommendations.
• Develop, monitor, and report on cybersecurity KPIs and KRIs to enhance technology control effectiveness.
• Support and review technology controls against requirements, policy statements, and regulatory standards.
• Analyze and report on compliance at the LoB, firmwide, and regulatory levels.
• Build and maintain strong relationships with stakeholders, technology teams, and corporate functions.
• Facilitate oversight and business-as-usual risk activities.
• Deliver effective reporting on technology control performance.
• Collaborate with cross-functional teams to drive continuous improvement.
• Communicate complex technology and security risks to non-technical audiences.
• Mentor and support junior staff in risk management best practices.

• Bachelor's degree or equivalent combination of education and relevant experience.
• 8 years of relevant work experience in IT and cybersecurity controls.
• Expertise in banking regulations, EBA Guidelines on ICT and Security Risk Management, DORA, ISO27001, GDPR, and NIST frameworks.
• Experience with IT risk management operating models and three lines-of-defense frameworks.
• Proficiency in Cloud technologies and modern engineering practices, including containerization, chaos engineering, and CI/CD security.
• Advanced knowledge of information security domains, including risk and control assessments, access controls, regulatory compliance, technology resiliency, incident management, vulnerability management, third-party risk management, and data protection.
• Strong analytical skills and ability to deliver measurement and reporting for continuous improvement.
• Excellent communication skills and ability to collaborate with diverse teams.
• Technical understanding of Cloud and on-prem computing (Public - GCP & AWS, Private, Hybrid).
• Self-motivated with a desire to learn and operate on multiple tasks while maintaining high delivery standards.

• Certifications in CISA, CISM, CRISC, CISSP, CCSP, AWS, GCP, or similar.
• Experience with German regulatory requirements in consumer banking cybersecurity.
• Experience operating within a regulated industry.