Technology Risk and Controls - Executive Director

We know that people want great value combined with an excellent experience from a bank they can trust, so we launched our digital bank, Chase UK, to revolutionize mobile banking with seamless journeys that our customers love. We’re building the bank of the future from scratch, channeling a start-up mentality, and you’ll have the opportunity to make a real impact as part of JPMorgan Chase’s Technology Risk & Controls Director within the International Consumer Bank.

• Lead the maturity of cyber risk management activities across consumer banking products and provide thought leadership and guidance to peers and senior management.
• Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed, including recommendations for resolution and identifying the root cause/key themes.
• Provide security engineering and design support to technology teams and ensure controls are hardened through testing and as part of production deployments.
• Provide first line oversight and monitoring of key risks across technology, including core architecture and infrastructure, data management, development, and cyber security.
• Ensure regional oversight and governance by leveraging specific KPIs and KRIs.
• Work closely with the security architecture teams to ensure security controls are reviewed as part of new product designs or current product enhancements.
• Interface with technology and other supporting corporate functions on an ongoing basis for business-as-usual risk activities, reporting, and project initiatives.
• Evaluate regulatory and policy changes relating to cybersecurity and technology impacting the International Consumer business.
• Demonstrate experience with retail banking regulatory requirements in cybersecurity domains.
• Apply knowledge of cloud technologies and modern engineering practices, including containerization, access management, monitoring, and CI/CD security.
• Possess advanced understanding of multiple IT and cybersecurity controls and regulatory requirements, with experience in large-scale environments.
• Communicate effectively and collaborate with high-performing teams and individuals to achieve shared goals.
• Explain complex technology and security risks to non-technical audiences with clarity.
• Utilize strong proficiency in MS Office tools to create high-quality deliverables for internal and external stakeholders.
• Show expertise in information security domains such as policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, governance and metrics, incident management, secure systems development lifecycle, vulnerability management, third-party risk management, and data protection security.
• Apply analytical skills to solve and communicate complex problems, perform data analytics, and drive continuous improvement through measurement and reporting.
• Demonstrate expertise in application and infrastructure high-availability and resiliency architectures.

• Hold a bachelor's degree or possess an equivalent combination of education and relevant experience.
• Demonstrate experience with retail banking regulatory requirements in cybersecurity domains.
• Apply knowledge of cloud technologies and modern engineering practices, including containerization, access management, monitoring, and CI/CD security.
• Possess advanced understanding of multiple IT and cybersecurity controls and regulatory requirements, with experience in large-scale environments.
• Communicate effectively and collaborate with high-performing teams and individuals to achieve shared goals.
• Explain complex technology and security risks to non-technical audiences with clarity.
• Utilize strong proficiency in MS Office tools to create high-quality deliverables for internal and external stakeholders.
• Show expertise in information security domains such as policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, governance and metrics, incident management, secure systems development lifecycle, vulnerability management, third-party risk management, and data protection security.
• Apply analytical skills to solve and communicate complex problems, perform data analytics, and drive continuous improvement through measurement and reporting.
• Demonstrate expertise in application and infrastructure high-availability and resiliency architectures.