Join a role that's central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance. 

 

As the Tech Risk and Controls Director within JPMorgan Chase, you will play a pivotal role in shaping and implementing the Consumer & Community Banking Technology Risk Management Strategy. Leveraging your advanced knowledge and expertise in technology-risk and control disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, Internal Audit & Compliance, Conduct, and Operational Risk, to develop and maintain a comprehensive view of the technology risk and control posture and its impact on the business. 

 

Your ability to make calculated decisions, manage direct and matrixed team members, and promote strategic projects will be crucial in ensuring adherence to regulatory obligations and industry best practices. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape.

 

Job responsibilities

Design, implement, and maintain a comprehensive technology control framework that aligns with industry best practices and regulatory requirementsDevelop and update policies, procedures, and standards to ensure effective risk management and complianceEnsure compliance with regulatory standards, engaging with the audit team and working with process owners on the development of action plans for remediation associated with control effectivenessConduct regular and thorough risk assessments to identify potential vulnerabilities in technology processes and systemsProvide ad hoc support cross functionally for Consumer & Community Bank TechnologyWork across the team to develop and implement a cohesive communication program for Consumer & Community Bank Technology Control AwarenessEstablish and maintain standards and procedures in line with industry best practicesIdentify and escalate emerging and upstream technology risk through execution of the Firm’s management framework tools, including risk event management, reporting, and action plan tracking, and provide expert counsel to stakeholders and constituents regarding their security obligations, facilitating acceptable outcomesEstablish and maintain strong relationships with internal and external stakeholders, including key cross-functional team leads and auditors, to ensure compliance with legal, regulatory, and industry standards Manage reporting and governance of overall control inventory, and measurements, etc., providing insight to senior leaders into effectiveness of controls, status of remediation activity and inform governance work 

 

Required qualifications, capabilities, and skills 

7+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry Proven ability to lead teams (cross functional, matrixed and direct), manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives Advanced knowledge and experience leading data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies 

 

Preferred qualifications, capabilities, and skills

Certified Information Systems Auditor (CISA)Certified Information Systems Security Professional (CISSP)Certified in Risk and Information Systems Control (CRISC)