Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management.

As a Tech Risk and Controls Lead – Policy and Control Operations at JPMorgan Chase, you will Lead in managing tech risks and controls, ensuring compliance and operational integrity in a dynamic risk landscape. While working with world-class technology and risk experts, you will leverage your expert knowledge of technology control risk and issue management to ensure risk reduction in an ever-changing cybersecurity and risk landscape to influence secure IT operations across the firm. While working with world-class technology and risk experts, you will leverage your expert knowledge of technology control risk and issue management to ensure risk reduction in an ever-changing cybersecurity and risk landscape to influence secure IT operations across the firm.

Job responsibilities

• Ensure the clarity and quality of documented controls in firmwide tools
• Process changes to controls while adhering to operational standards
• Oversee the documentation, implementation, and monitoring of controls, ensuring consistency and sustainability.
• Serve as a trusted advisor for framework-related inquiries and control management strategies.
• Provide auditability, risk, and sustainability advisement for all technology controls.
• Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals.

Required qualifications, capabilities, and skills

• Formal training or certification on security concepts and technology compliance/controls with applied experience.
• Good experience in technology audit, expertise in technology risk management, with a focus on managing risk identification, assessment, and mitigation
• Demonstrated proficiency in audit and risk management practices
• Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
• Proficient knowledge and expertise in data security, risk assessment and reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
• Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred