JPMorgan Vice President - Technology Risk & Controls Lead 

United States, Texas, Plano 

816338291

Our professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm.

Responsibilities include offering guidance, best practices, and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.

Job responsibilities:

• Execution of Risk Management activities within the Tech Control Assessment Framework
• Partner with Tech Controls’ Assessment Team and conduct independent Risk Management activities on control assessment scope and approach
• Manage and execute Regulatory, Audit and Compliance Engagements, Governance oversight of CTC Product area
• Support requests from Regulatory, Audit and Compliance Engagements impacting the CTC Product function
• Develop and maintain strong business and technology relationships, becoming a trusted partner with Global Technology Policies and Controls function, Control Domain function members, LOB Information Security Managers and Assessment and Assurance Program teams
• Communicate status updates to key stakeholders and senior management
• Provide accurate metrics and management reports on a timely basis
  • Support and help drive control evaluation methodology and framework within Cyber and Technology Controls function

Required qualifications, capabilities, and skills:

• Formal training or certification in technology risk concepts and 5+ years applied experience
• Gain experience with audit and/or technology risk assessment processes, and understanding of internal controls, and how they protect the firm and its clients
• Use industry best practice frameworks such as NIST, ISO, and ISACA
• Knowledge and experience with technology-relevant financial services regulations (e.g., FFIEC handbooks, etc.)
• Good working knowledge of common & current information technology implementations
• Strong communication skills – both verbal and written – to tell an effective risk story
• Ability to collaborate with high-performing teams and individuals throughout the firm to influence outcomes and accomplish common goals
• Use data and metrics (e.g., Key Risk Indicators) to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps

Preferred qualifications, capabilities and skills:

• Knowledge and experience Public and Private Cloud technologies
• Experience automating compliance related risk monitoring activities
• CISA, CISSP, CRISC or other industry-recognized risk/audit certifications preferred