Technology Support Lead - Technology Operations, Regulatory, Incident & Event Management

As aTechnology Support Leadat JPMC Chase, you will play a leadership roleto effectively identify, monitor, evaluate and manage the firm’s technology risks and controls with a focus on the Technology Operations, Regulatory, Incident & Event Managementrelated activities. You will play a pivotal role in shaping and implementing the firm’s risk management strategy in these specific areas.

The team you will join follows a rigorous process to monitor, assess, and manage the risk of expected and unexpected events that may have an adverse impact on the firm. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, regulators, and auditors, to develop and maintain a comprehensive view of the technology risk posture related to Technology Operations, Regulatory and Incident & Event Management, and its impact on the business.

Your ability to make calculated decisions and drive strategic projects will be crucial in ensuring the firm's adherence to regulatory obligations and industry best practices. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape.

You will also get the opportunity to leverage your experience and problem-solving skills to ensure the firm adequately manages its exposure related to the use of the latest technologies such as public cloud infrastructure. Using a pragmatic approach and analytical skills, you will be put in a position to influence the maintenance of the firm’s control catalog.

Job Responsibilities

For the Technology Operations , Regulatory, Incident & Event Management risk areas, you will:

• Be part of a team of professionals in areas covering Incident Management, Regulatory, and Event Management.
• Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams to deliver customer value and improve the security posture of the firm.
• Provide support and guidance to Lines of Business regarding adoption and execution of the controls to enable and enhance their objectives while complying with the Firm’s global policies and its regulatory compliance requirements.
• Ensure risk impacting the business is proactively identified, quantified, communicated, and managed, including recommendations for resolution, and identifying the root cause/key themes.
• Provide continuous support for the identification/maintenance of the control procedures, relevant risk-based telemetry design, and related assessments.
• Monitor control implementations and execution to ensure compliance with technology control requirements and escalate material risk.
• Support requests from Regulatory, Audit and Compliance Engagements impacting the controls.
• Evaluate and ensure adequate coverage, and disposition of, regulatory changes relating to the processes.
• Produce and present relevant content for governance forums to inform the business of changes to control requirements and their overall risk posture.

Preferred qualifications and/or skills:

• Familiarity with Firmwide Incident and Event Management processes specifically is a must.
• Familiarity with risk management and governance: Experience/involvement with developing and implementing risk management frameworks and governance structures to mitigate technology and security risks.
• Experience in cybersecurity, technology risk and controls, risk-based consulting, risk assessments, audit, and/or regulatory activities.
• Strong written and verbal communication skills with ability to effectively communicate and present security risk and control concepts to senior business and technology partners.
• Strong analytical and problem-solving skills:Ability to analyze complex issues, identify root causes, and develop effective mitigation strategies, including in the context of emerging technologies.
• Regulatory and compliance knowledge:Familiarity with relevant regulatory requirements and industry standards (e.g., ITIL, COBIT, ISO 27001, NIST).
• Excellent communication and influencing skills:Strong ability to communicate technical concepts to non-technical stakeholders, and to influence decision-making at all levels of the organization.
• Continuous learning and adaptability:Commitment to staying current with the latest security trends, emerging technologies, and threat landscapes, and the ability to adapt strategies accordingly.
• Certifications and education:Relevant certifications such as CISSP, CISM, CEH, CRISC or equivalent, and a degree in Computer Science, Management Information Systems, Information Security, or a related field. Advanced degrees (e.g., Master's, Ph.D.) are a plus.