Technology Risk & Controls Director

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Join a role that's central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance.

As a Tech Risk & Controls Director in Cybersecurity & Technology Controls, you will play a pivotal role in shaping and implementing the firm's technology risk management strategy. Leveraging your advanced knowledge and expertise in technology-risk disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, and regulators, to develop and maintain a comprehensive view of the technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape.

1. Identify and mitigate compliance and operational risks in line with the firm's standards.
2. Provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards.
3. Lead the global programs within the Cyber Security Technology & Controls, Tech Risk & Controls Frameworks Team, collaborating with stakeholders from across Global Technology to accurately represent and maintain the firm's complex technology operations within the Corporate Operational Risk Environment (CORE) system.
4. Define and implement the Risk Identification framework, executing it with other Risk Identification partners to ensure technology risks are reflected into CORE, supporting the firm's risk management functions in reporting, monitoring, and mitigating emerging risks.
5. Consult with technology owners in Product, Engineering, and Operations to model their processes, risks, and controls for assessment.
6. Ensure technology risk and controls reference data is available and aligned for use in CORE, enabling consistent assessments informed by performance data from the technology estate.
7. Collaborate with senior business control management to align technology assessments with operational risk assessments.
8. Work closely with Operational Risk Management to optimize technology risk and control taxonomies.
9. Drive change initiatives across the firm's Risk Organization to improve understanding of technology risk.
10. Innovate and provide thought leadership to enhance the Firms' Operational Risk framework and the End-to-End Technology Risk Management lifecycle.
11. Communicate effectively with stakeholders, including senior and executive management.

• Formal training or certification in technology risk & controls and information risk management, with expert applied experience.
• Knowledge of compliance, conduct, and operational risk management frameworks.
• Experience with industry best practices in technology controls (e.g., NIST, ISO, ISACA).
• Experience in developing use cases for controls monitoring and working with product and engineering teams.
• Good knowledge of financial services regulation related to technology.
• Experience with current IT implementations, including Cloud.
• Proactive, innovative, and influential in driving ideas forward.
• Strong relationship-building skills with senior executives.
• Excellent organizational and project management skills, with experience using tools like JIRA.
• Experience with data analytics and enterprise initiatives using AI/ML, Alteryx, Tableau.
• Ability to work with diverse, geographically distributed teams.

J.P. Morgan is a global leader in financial services, committed to diversity and inclusion, and dedicated to building trusted, long-term partnerships with our clients.

The Cybersecurity & Technology Controls group at JPMorgan Chase partners across the firm to design, implement, and automate controls, ensuring the firm's safety, stability, and resilience.