Technology Operational Risk Vice President - GCP

Join a dynamic team and be at the forefront of innovation, working with cutting-edge technologies to shape the future and drive transformative outcomes.

As a Technology Operational Risk Manager – Vice President within the CCOR Technology & Cybersecurity (“CCOR Tech & Cyber”) group, you will focus on providing independent oversight of technology and cybersecurity operational risk management practices across a Lines of Business (LOB). You will be responsible for reviewing and assessing the governance of risks, processes and controls, identifying risks inherent in JPMorgan Chase's technology environment, and ensuring that access to systems and data is appropriately managed and secured. This includes evaluating the effectiveness of frameworks, policies, and procedures, and ensuring that they align with industry best practices and regulatory requirements.

• Perform oversight of operational risks through targeted assessments of global and regional technology/ cyber security processes for the International Consumer Bank (Chase UK).
• Participate in assessment of emerging risks as part of strategic business risk reviews, analysis of regulatory and market developments, New Business Initiative Approvals and review of external operational risk events.
• Stay abreast of current technology trends, vulnerabilities, and emerging technologies. Develop risk positions for new technologies, escalating and tracking risk items as necessary.
• Engage with technology teams to gain full understanding of the technology and control environment that support this business.
• Understand third party risks as related to specific technology area of expertise.
• Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices.
• Participate in technology governance forums.
• Review significant events where technology is a factor and provide credible challenge.

• BS/BA degree in computer science or equivalent experience.
• Relevant experience in cybersecurity or engineering roles.
• Deep and broad understanding of cybersecurity and technologies, and associated risks.
• Deep knowledge of cloud computing, including hands‑on experience with Google Cloud Platform and Amazon Web Services specifically.
• Subject matter expert in areas such as networking, identity management, access management, artificial intelligence, software development and cybersecurity.
• Excellent communication skills, experience preparing formal written documentation. Attention to detail, clear and concise writing, can translate complex technical information into understandable language for regulators.

• Professional cloud certifications such as AWS Certified Security Specialty and Google Professional Cloud Security Engineer.
• Knowledge of cloud infrastructure and hybrid implementations, experience with cloud security posture management and data security posture management tools.
• Ability to assess controls, identify vulnerabilities and access control weaknesses.
• Certified Ethical hacker.
• Software development experience and risks associated with the software supply chain.
• Professional Certifications in Cyber and Information Security Risk from ISACA or ISC2.