As a Tech Risk Assurance Lead in Cybersecurity and Technology Controls, you will lead expert technical risk assurance and control oversight to ensure the firm's products and lines of business achieve their objectives while effectively managing risk. Utilizing your background in technology risk management, you will work with cross-functional teams to identify, assess, and mitigate emerging risks and vulnerabilities. Your tactical and strategic decision-making will significantly impact the firm's operations, financial management, and public image. You will play a crucial role in fostering a robust risk culture and catalyzing continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.
Job responsibilities
- Investigate, analyze, document, remediate, track, and report on technology risks and associated controls
- Design and develop measurable control requirements based on new and emerging technological solutions
- Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and global audits where the Risk Pillar is engaged
- Provide strategic drive for engagement efficiency, effectiveness and transparent, measurable, sustainable control improvements, including process enhancements and use of automated data collection techniques
- Define and proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps
- Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues, action plans, breaks, and remedies and support the closure verification process
- Maintain an in-depth understanding of the Data Risk Pillar domains consisting of Information & Technology Asset Management, Technology Data Management & Privacy, and Identity & Access Management
- Maintain knowledge of Technology Architecture Governance Control Objective, driving requirements for Data Risk Pillar into process
- Support risk decisions for product roadmap prioritization and control implementations supported by documentation and evidence
- Manage the risk profile of aligned products, and translate risks into functional requirements, non-functional requirements and constraints together with the LOB business partners and GT Product Lines
- Effectively create, maintain and communicate Global Technology Executive Metrics
Required qualifications, capabilities, and skills
- 5+ years of experience or equivalent expertise in technology risk management, information security, or a related field
- Direct experience with IT Asset Management (ITAM), Identity & Access Management (IAM), and/or Data Risk Management (Privacy Risk & Controls)
- Knowledge of process-focused methodologies for IT-related activities (Cloud, Asset Procurement, Asset Maintenance, Asset Lifecycle, Technology Data Management)
- Subject matter expert on technology risk management with complete understanding of IT control policies and industry-standard risk/control frameworks: ITIL, COSO, NIST, PCI-DSS, COBIT, etc.
- Proven ability to examine, improve and execute the organization's existing processes and procedures for risk assessment
- Able to review, understand, and rely on technical and software documentation and apply that knowledge into practice
- Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls
- Understand and support regulatory engagements primarily aligned to the FFIEC Architecture, Infrastructure, and Operations (AIO) and Information Security handbooks
- Versed in industry best practices and control guidance provided by NIST, MITRE ATT&CK, Data Management Book of Knowledge (DMBOK), and others
- Ability to prioritize and work under stringent timelines
- Ability to lead within a cross-line-of-business technology organization, empower people, build rapport, garner respect, and appropriately exercise authority in a collaborative cross-cultural environment