Tech Risk and Controls Lead

Posted 2 Days Ago
Be an Early Applicant
London, Greater London, England
Hybrid
Senior level
Financial Services
We’re one of the world’s biggest technology-driven companies
The Role
The Tech Risk and Controls Lead will manage the technology Governance, Risk & Compliance discipline, overseeing the Information Risk Management program and ensuring technology risks are identified, assessed, and monitored. This role collaborates with various stakeholders to maintain risk reference data and optimize taxonomies, driving initiatives to enhance the firm's risk management capabilities.
Summary Generated by Built In

Job Description
The Technology Risk and Controls Framework Manager is a Vice President role within CTC's Technology Risk and Control (TRC) organisation. Reporting into the firmwide technology Chief Controls Manager, TRC leads the definition and execution of our technology Governance, Risk & Compliance (GRC) discipline, which provides the framework for managing the firm's corporate Information Risk Management program.
This role, which requires a combination of in-depth expertise and highly effective organizational skills, is critical to the overall success of the Information Risk Management program. The candidate must be a highly motivated individual with strong leadership and influencing skills. They will be able to leverage their experience to advance the firm's framework for managing technology risks and controls, which aligns technology policy with cybersecurity & technology control solutions and (based on metrics and quantitative assessment) appropriately informs the firm's Operational Risk Management reporting. Note that although the framework is established and operational, the space is dynamic, rapidly evolving, and is subject to continuous reassessment and changing priorities.
The position will work closely with various partners across the firm, including but not limited to colleagues in CTC, Enterprise Technology product & engineering, Information Risk Managers and Technologists in our Businesses and Corporate Functions, Operational Risk Management & Compliance, Audit, as well as regional partners across the globe. The ability to work effectively with a diverse set of stakeholders is essential. The role requires creativity, critical thinking, strong communication and influencing skills, and the ability to work across a large and complex organization that features prominently in both U.S. critical infrastructure and the global financial ecosystem.
Responsibilities

  • Working within the CTC-TRC Frameworks Team, in partnership with stakeholders from across Global Technology, you will lead the ongoing program to accurately represent and maintain the firm's complex technology operations within the Corporate Operational Risk Environment (CORE) system. This includes:
    • Defining the Risk Identification framework, and executing it with other Risk Identification partners to ensure identified technology risks are reflected into CORE, which provide the firm's risk management functions ability to report, monitor and mitigate emerging risks.
    • Consulting with technology owners in Product, Engineering and Operations to appropriately model their processes, sub-processes, risks and controls for assessment.
    • Ensuring technology risk and controls reference data (e.g., risk scenarios, policies, standards, procedures, etc.) is available and aligned for use in CORE, such that assessments are consistent and can be justifiably informed by the performance data gathered from the technology estate (i.e., metrics & measures).
    • Consulting with business-aligned information risk managers to ensure technology assessments are aligned and inform business operational risk assessments in a meaningful, actionable manner.
    • Collaborating closely with Operational Risk Management and Business Controls Management to ensure that technology risk and control taxonomies are optimised, with supporting systems able to interoperate.
    • Driving and leading change initiatives across the Firm's Risk Organisation (both Technology and Business) to improve the understanding of technology risk.
  • As the CORE system is used to manage and report the firm's Operational Risk (including information, technology & cybersecurity risk), it is referenced by a majority of the independent assessments, audits and regulatory exams that the firm's technology is continuously subject to. As a result, there are a significant number of partners from across Global Technology and beyond interested in the content of CORE. Effective communications, influencing and stakeholder management are key aspects of this role, including with senior and executive management.


Skills / Qualifications

  • Proven experience in the technology risk & controls and information risk management fields (e.g., identification of technology risks & effective mitigants, technology risk & controls assessments, associated governance & reporting, etc.)
  • Knowledge of compliance, conduct, and operational risk management frameworks and processes
  • Experience in using common technology controls industry best practice (e.g., from NIST, ISO, ISACA, etc.) frameworks
  • Experience in identifying use cases and business logic for continuous controls monitoring, and partnering with product and engineering teams to develop and implement
  • Good working knowledge of technology-relevant financial services regulation (e.g., FFIEC handbooks, etc.)
  • Good working knowledge of common & current information technology implementations (additional weight given for familiarity with Public and Private Cloud Implementation)
  • Inquisitive nature and comfort challenging current practices; proven track record of driving ideas forward and influencing
  • Adept at developing relationships with senior business executives; reputation for partnering across organization lines to mitigate risks
  • Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results. Use of work management platform such as JIRA to ensure operational discipline.
  • Demonstrated written and oral communication skills and excellent analytical and problem-solving skills
  • Experience in identifying and using data from large data sets to support enterprise scale initiatives via analytics (such as AI/ML techniques, Alteryx, Tableau)
  • Ability to collaborate with high-performing teams and diverse stakeholders to accomplish common goals, including experience working with geographically distributed and culturally diverse colleagues
  • High level of professionalism, self-motivation, and sense of urgency
  • Ability to be flexible, follow tight deadlines, and to operate under pressure when required


About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

What the Team is Saying

Nick S.
Lupe C.
Edwin T.
Dawn T.
Meng M.
The Company
HQ: New York, NY
289,097 Employees
Hybrid Workplace
Year Founded: 1799

What We Do

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $3.7 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands.

Technology fuels every aspect of our company and is at the heart of everything we do. With over 50,000 technologists globally and an annual tech spend of $12 billion, we are dedicated to improving the design, analytics, development, coding, testing and application programming that goes into creating high quality software and new products.

Learn more about technology at our firm, explore resources from our Distinguished Engineers, AI & ML researchers, and other experts; access the latest episode of our TechTrends podcast, and more at www.jpmorgan.com/technology. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.

©2023 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans.

Why Work With Us

Our technologists work on a diverse range of solutions that include strategic technology initiatives, big data, mobile, electronic payments, machine learning, cybersecurity, enterprise cloud development, and other state-of-the-art technologies.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

JPMorganChase Teams

Team
Product + Tech
About our Teams

JPMorganChase Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
Company Office Image
HQNew York, NY
SG
Bengaluru, Karnataka
Bournemouth, GB
Brooklyn, NY
Buenos Aires, Avaya
Chicago, IL
Dallas, TX
Dublin, IE
Glasgow, GB
Houston, TX
Hyderabad, Telangana
London, GB
Mumbai, Maharashtra
Philadelphia, PA
San Francisco, CA
Tampa, FL
Westerville, OH
Wilmington, DE
Learn more

Similar Jobs

Hybrid
London, Greater London, England, GBR
289097 Employees
Hybrid
London, Greater London, England, GBR
289097 Employees
Hybrid
London, Greater London, England, GBR
289097 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account