Tech Risk and Controls Lead

at  JPMorganChase

JOB DESCRIPTION

Tech Risk & Controls professionals play a critical role in the identification, assessment, oversight, monitoring, and reporting of compliance and operational risk in line with the firm’s standards. They are accountable for supporting and advising technology-aligned process owners in managing operational aspects of governance, risk, and compliance. Tech Risk & Controls is also responsible for the design, implementation, and maintenance of controls and risk management frameworks, and they partner with Product Security to ensure design and implemented controls are operating in alignment with firm, regulatory, legal, and industry standards as required. Tech Risk & Controls also partners with a variety of stakeholders, including Product Managers (both business and technology aligned), Business Control Managers, 2nd Line of Defense (2LOD), Audit, Compliance, and regulators to develop and report a comprehensive view of the technology risk posture and the impact on the business.

PREFERRED EXPERIENCE:

• Excellent Project Management experience
• Risk management expertise in AWS services is a big plus
• Relevant industry certifications are preferable
• Ability to work with data from disparate sources to build a cohesive view on risk
• Collaboration with internal and external technology audits (3rd Line of Defense), CCOR Operational Risk Management deep dives and testing (2nd Line of Defense), and the ability to advocate on behalf of subject matter experts
• Advanced level in Office 365 with proficiency combining data sources in Excel
• Strong written and verbal communication skills with ability to effectively communicate and present security risk concepts with business and technology partners.
• Preferable experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC)

ABOUT US

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

We are seeking a Governance Associate for the TRC function in Cloud Foundational Services. Their role will offer guidance, best practices, and support across businesses, creating reporting, improving governance and processes, leading risk reviews and vulnerability assessments, identifying threats, and communicating with senior leaders and other stakeholders.

• Foundational knowledge of cybersecurity organization practices, risk management processes and principles
• Manage remediation activities ensuring appropriate, timely and complete resolution
• Communicate technology findings with leadership and Line of Business key stakeholders and provide accurate remediation metrics and management reports on a timely basis
• Strong report creation and presentation skills capable of speaking to all levels of the organization
• Demonstrate ability to conduct cross functional meetings with various Line of Business stakeholders
• Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
• Assist with training and spreading technology risk and control awareness within the organization, while building strong relationships and becoming a trusted risk and controls partner within the firm