JPMorgan Cybersecurity Technology & Controls – Associate 

Brazil, São Paulo, São Paulo 

287234786

Cybersecurity Technology & Controls (CTC) is responsible for ensuring the security, resiliency, and regulatory compliance of the Firm's computational environment. You will be at the forefront of innovation designed to strengthen our operations. As part of a highly specialized team, CTC covers multiple domains including IT Infrastructure Management, IT Risk Management, Data Protection, Identity and Access Management, Security & Vulnerability Management, and Application Security.

In this role, you will jointeam with a focus ondomain where you will actively collaborate with Infrastructure leaders to provide high quality security solutions and services that are focused on improving the Firm's risk and controls posture, including overseeing regional IT Risk and ensuring compliance to security policies & standards.

Key Responsibilities:

• Assist in monitoring technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices.
• Collaborate with stakeholders to develop and implement risk mitigation strategies, controls, and action plans for technology-aligned processes.
• Monitor and evaluate the effectiveness of implemented controls, contributing to recommendations for improvements and addressing gaps in risk management.
• Communicate risk-related findings and updates to relevant stakeholders, ensuring alignment with organizational objectives and risk appetite.

Required Qualifications:

• Bachelor's Degree in STEM Areas (Science, Technology, Engineering, Mathematics)
• 3+ years of experience or equivalent expertise in technology risk management, information security, or a related field
• Fundaments of IT Infrastructure (e.g., Network, Compute, Operating Systems)
• Proficient in risk identification, assessment, and control evaluation, with a strong understanding of industry standards
• Demonstrated ability to analyze complex issues, develop risk mitigation strategies, and communicate effectively with stakeholders
• Exposure to risk management frameworks, regulations, and industry best practices.
• Fluent in English Language.

Desirable Qualifications:

• CISM, CRISC, CISSP, or other industry-recognized risk certifications
• Knowledge of scripting/programming languages (e.g., Python, PowerShell)
• Fundaments of Cybersecurity (e.g., NIST, CIS, Vulnerability Mgmt., Network Security)
• Experience with data, data query, analytical tools and visualizations (e.g. Tableau, SQL)
• Knowledge of Spanish Language