Technology Risk & Controls Lead

Join to apply for the Technology Risk & Controls Lead role at JPMorgan Chase.

1 week ago Be among the first 25 applicants.

The Technology Risk and Controls Framework Manager is a Vice President role within CTC’s Technology Risk and Control (TRC) organization. Reporting to the firmwide technology Chief Controls Manager, TRC leads the definition and execution of our technology Governance, Risk & Compliance (GRC) discipline, which provides the framework for managing the firm’s corporate Information Risk Management program.

This role requires a combination of in-depth expertise and highly effective organizational skills. It is critical to the success of the Information Risk Management program. The candidate must be highly motivated with strong leadership and influencing skills, leveraging experience to advance the firm’s framework for managing technology risks and controls. This includes aligning technology policy with cybersecurity and technology control solutions, and informing the firm’s Operational Risk Management reporting through metrics and assessments. The environment is dynamic, rapidly evolving, and requires continuous reassessment and adaptation.

The role involves close collaboration with various partners across the firm, including colleagues in CTC, Enterprise Technology, Information Risk Managers, Technologists, Operational Risk Management & Compliance, Audit, and regional partners worldwide. Effective communication, stakeholder management, creativity, critical thinking, and the ability to operate within a large, complex organization are essential. The role also involves engaging with stakeholders in both U.S. critical infrastructure and the global financial ecosystem.

• Lead the ongoing program to accurately represent and maintain the firm’s complex technology operations within the Corporate Operational Risk Environment (CORE) system. This includes:
• Defining and executing the Risk Identification framework in collaboration with Risk Identification partners to ensure risks are reflected in CORE for reporting and mitigation.
• Consulting with technology owners to model processes, risks, and controls for assessment.
• Ensuring technology risk and controls reference data are available and aligned for use in CORE, supporting consistent assessments based on performance data.
• Collaborating with information risk managers to align technology assessments with business operational risk assessments.
• Working with Operational Risk Management and Business Controls to optimize risk and control taxonomies and ensure system interoperability.
• Driving change initiatives across the firm’s Risk Organization to improve understanding of technology risks.
• Manage communications and stakeholder engagement related to the CORE system, which is used for managing and reporting on the firm’s operational risks, including technology and cybersecurity risks. This involves influencing senior and executive management and managing multiple partners across the organization.

• Proven experience in technology risk & controls, and information risk management (e.g., risk identification, assessments, governance, reporting).
• Knowledge of compliance, conduct, and operational risk management frameworks.
• Experience with industry best practices such as NIST, ISO, ISACA frameworks.
• Experience in developing use cases for continuous controls monitoring and collaborating with product and engineering teams.
• Good understanding of financial services regulations relevant to technology (e.g., FFIEC).
• Knowledge of current technology implementations, including cloud solutions.
• Inquisitive, challenging current practices, and influencing skills.
• Ability to build relationships with senior executives and across organizational boundaries.
• Strong organizational and project management skills, familiarity with work management tools like JIRA.
• Excellent communication, analytical, and problem-solving skills.
• Experience with data analytics tools and techniques, including AI/ML, Alteryx, Tableau.
• Ability to work with diverse, geographically distributed teams.
• High professionalism, self-motivation, and a sense of urgency.
• Flexibility, ability to meet deadlines, and operate under pressure.

J.P. Morgan is a global leader in financial services, providing strategic advice and products to clients worldwide. We value diversity and inclusion, and are committed to equal opportunity employment, making reasonable accommodations for applicants and employees.

Our professionals in corporate functions support finance, risk, HR, marketing, and more, ensuring the success of our business and clients.

• Seniority level: Not Applicable
• Employment type: Full-time
• Job function: Finance and Sales