Tech Risk Assurance Lead

Job Description
Opportunity to shape risk culture and ensure technological safeguards in a dynamic, collaborative environment.
As a Tech Risk Assurance Lead in Cybersecurity and Technology Controls, you will lead expert technical risk assurance and control oversight to ensure the firm's products and lines of business achieve their objectives while effectively managing risk. Utilizing your background in technology risk management, you will work with cross-functional teams to identify, assess, and mitigate emerging risks and vulnerabilities. Your tactical and strategic decision-making will significantly impact the firm's operations, financial management, and public image. You will play a crucial role in fostering a robust risk culture and catalyzing continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.
The Data Risk Pillar is responsible for coordinating the organization, framework, program, and approach for JPMC policies, standards, control objectives, risk assessments, monitoring, and aggregated risk reporting associated to the implementation of technology controls aligned to the Data Risk Pillar. Risk Leads provide input into monthly risk reporting, quarterly operational risk reporting, and recurring board audit reporting. This role engages in areas of technology architecture, technology design, development, and monitoring of global control programs and acts as a liaison between management, lines of business, internal and external audit, and global regulators. Additionally, for Data Management, the individual in this role may have interaction with the firm wide Chief Data & Analytics Office (CDAO) and line of business Chief Data Officers (CDO)
Job responsibilities

• Investigate, analyze, document, remediate, track, and report on technology risks and associated controls
• Design and development of control requirements based on new and emerging technological solutions in a measurable way
• Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and global audits where the Risk Pillar is engaged
• Provide strategic drive for engagement efficiency, effectiveness and transparent, measurable, sustainable control improvements, including process enhancements and use of automated data collection techniques
• Define and proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps
• Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues, action plans, breaks, and remedies and support the closure verification process
• Maintain an in depth understanding of the Data Risk Pillar domains consisting of Information & Technology Asset Management, Technology Data Management & Privacy, and Identity & Access Mgmt.
• Maintain knowledge of Technology Architecture Governance Control Objective, driving requirements for Data Risk Pillar into process
• Support risk decisions for product roadmap prioritization and control implementations supported by documentation and evidence.
• Manage the risk profile of aligned products, and translate risks into functional requirements, non-functional requirements and constraints together with the LOB business partners and GT Product Lines
• Effectively create, maintain and communicate Global Technology Executive Metrics

Required qualifications, capabilities, and skills

• 5+ years of experience or equivalent expertise in technology risk management, information security, or a related field
• Direct experience with IT Asset Management (ITAM), Identity & Access Management (IAM), and/or Data Risk Management (Privacy Risk & Controls)
• Knowledge of process-focused methodologies for IT related activities (Cloud, Asset Procurement, Asset Maintenance, Asset Lifecycle, Technology Data Management Subject matter expert on technology risk management with complete understanding of IT control policies and industry-standard risk/control frameworks: ITIL, COSO, NIST, PCI-DSS, COBIT, etc.
• Proven ability to examine, improve and execute the organization's existing processes and procedures for risk assessment
• Able to review, understand, and rely on technical and software documentation and apply that knowledge into practice
• Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls
• Understand and support regulatory engagements primarily aligned to the FFIEC Architecture, Infrastructure, and Operations (AIO) and Information Security handbooks
• Versed in industry best practices and control guidance provided by NIST, MITR ATT&CK, Data Management Book of Knowledge (DMBOK), and others
• Ability to prioritize and work under stringent timelines
• Ability to lead within a cross line of business technology organization, empower people, build rapport, garnering respect and appropriately exercising authority in a collaborative cross-cultural environment

About Us
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.