JPMorgan Tech Risk Controls Lead 

United Kingdom, England 

284573670

Key Responsibilities:

• Coordinate and manage Resiliency testing, including planning, execution, and communication of Sustained Resiliency tests for CFS applications and products.
• Facilitate communication, follow-up actions, chair meetings, capture test results, and publish key reports for management review.
• Support technology leads in creating, maintaining, and reviewing, approving critical resiliency documentation, for Technology Recovery Application Plans.
• Provide support for the Business Reviewer/Owner in creating, maintaining, and reviewing, approving critical resiliency documentation, for Business Plans and Planning Units.
• Collaborate proactively with AOs to maintain resiliency compliance and minimize Resiliency Risk.
• Provide support for Change, Incident Management processes.
• Identify and implement opportunities for continuous service improvement.
• Review and attest to the substantiation data within Enterprise Resiliency Management & Analytics (ERMA) for CFS applications.
• Update ERMA Plans aligned with changes in the CFS organization, business functions, and staffing.
• Support ERMA UAT Technology or Business Release/enhancements.
• Support Notification Call Tree bi-annual testing for CFS as required.
• Develop a long-term Technology and Business Resiliency risk and control strategy to secure the Function's information assets.
• Execute and implement Technology Risk and Control (TRC) processes, including risk assessments, remediation, and specific targeted risk projects within the team.
• Identify incident situations when ET Crisis Management, support CFS in recovering Business Functions and staff management, ensuring all impacted CFS staff are accounted for, and serve as a primary point of contact for resiliency initiatives and incidents.
• Ensure business and technology leads, and technologists understand all pertinent Resiliency Risk and Control requirements and applicable JPMC policies.
• Execute and implement that strategy the strategy, including risk assessments, remediation, and specific targeted risk projects within the Function.
• Provide and facilitate ERMA resiliency training across Technology and Business functions, for AO and Business point of contact community within CFS.
• Support Audit RFI requests, as Horizontal/Regulatory/Internal Audits are announced and conducted.

Qualifications:

• Familiarity with technology processes such as resiliency, sustained resiliency recovery management.
• Understanding of regional standards, requirements, and risk assessment methodologies.
• Preferred knowledge of IT control policies related to the Public Cloud.
• Proven ability to evaluate, improve, and execute the organization's risk assessment processes and procedures.
• Capability to drive strategy execution and implementation, including assessments, remediation, and targeted projects within the Function.
• Ability to prioritize and work under tight deadlines in a global environment, partnering with global cloud-security product management teams to enhance cloud-security products.
• Build and maintain strong relationships with business and technology leads.
• Provide understanding and knowledge of current industry trends in information and security standards to enhance resiliency controls and lead organizational improvements.
• Ability to collaborate with technology teams to gather resiliency design requirements, facilitate discussions, and resolve control issues.

Preferred qualifications, capabilities and skills:

• Strong understanding of Technology and Business Resiliency, with experience in these functions highly desired.
• Knowledge of security and resiliency controls, and vulnerability management in public cloud environments is strongly preferred. Proven ability to evaluate, improve, and execute the organization's process assessment procedures.
• Ability to work independently, collaborate within a team, and operate comfortably in a virtual environment.
• Proficient verbal and written communication skills, with the ability to lead discussions and meetings with internal management, external/internal audit, peer groups, regulators, and senior stakeholders.
• Ability to prioritize and work under stringent timelines.
• Leadership skills within a cross-line of business technology organization, empowering people, building rapport, earning respect, and exercising authority in a collaborative cross-cultural environment.
• Strong stakeholder engagement skills, including the ability to interact with senior management levels.