JPMorgan Technology Risk & Control Lead - CTO 

United Kingdom, England, London 

890157345

Responsibilities:

• Build and cultivate a proactive risk management culture through partnership and collaboration with CTO risk, control and technology teams to deliver customer value and improve security posture of the firm.
• Accountable for risk & control governance in Product Lines to better manage, defend & drive the product lifecycle
• Ensure product line risks and control gaps are acknowledged, registered and correctly treated (risk assess and approve findings/treatments, breaks, uplift programs, CORE items)
• Oversight of process management, risk assessment structure for Technology Product Line
• Owns effective product line interactions with CTC Assurance, Audit, Compliance, and CCOR
• Owns proactive product line control reviews & to develop/enhance increased risk telemetry for all risk management personas
• Provides line of sight of emerging technologies and view into how fit into current risk posture and control framework of CTO
• Coordinate and monitor issue management to ensure timely and sustainable remediation and provide thematic analysis to identify trends
• Proactively monitoring CORE Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps
• Collaborate with team members and stakeholders on firm-mandated, product line, horizontal, and regional audits

Preferred Experience:

• 5 + years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment and migration.
• Strong written and verbal communication skills with ability to effectively communicate and present security risk concepts with business and technology partners.
• Strong personal leadership, collaboration, bias for action and experience working within fast paced, complex and high performing Digital/Agile/Scaled Agile teams
• Strong analytical skills including solving and communicating complex problems, data analytics, measurement and reporting needed to drive continuous improvement.
• Exceptional knowledge of the firm’s Operational Risk Systems of Record
• Preferable experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC)
• Preferable experience working in a matrix management model across globally diverse, virtual teams to deliver strategic initiatives and commitments, ideally leveraging product and Agile principles.
• Preferable Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect)

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or other industry-recognized risk certification.