Tech Risk and Controls Lead-Governance

Drive technology risk governance and control effectiveness across cybersecurity, partnering with teams to strengthen resiliency and compliance.

Join a team where your expertise helps protect the firm and our customers by strengthening technology risk governance and control outcomes.

As a Governance, Risk and Controls Governance Lead at JPMorganChase within Cybersecurity, Technology & Controls, you will identify, assess, and help mitigate operational and technology risks in line with the firm’s standards. You will provide subject matter expertise and practical guidance to technology-aligned process owners to help ensure controls are designed appropriately, operating effectively, and aligned to regulatory, legal, and industry expectations. You will collaborate with stakeholders including Control and Product Owners, Application and Site Reliability Engineering teams, and Audit and Regulatory partners to continuously improve the technology risk posture and its business impact.

Job responsibilities

• Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
• Develop and maintain strong relationships with line of business technologists, assessment teams, and data officers to enable cross-functional collaboration and progress toward shared goals
• Execute reporting and governance for controls, policies, issue management, and measurements, providing senior management insight into control effectiveness to inform governance decisions
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
• Perform control assessments, quality assurance reviews, issue closure testing, and oversight of remediation plans to validate sustained control performance
• Establish key risk indicators, key performance indicators, and key control indicators (for example, review cycle time, defect rate, control test pass rates) and service level agreements/objectives to improve resiliency, scalability, sustainability, and stability of control reviews
• Create traceability for catalog changes, including impact assessments, decisions, evidence, and audit-ready artifacts.

Required qualifications, capabilities and skills

• Formal training or certification on security concepts and 5+ years of applied experience in technology risk management, information security, or a related field, emphasizing risk identification, assessment, and mitigation.
• Familiarity with risk management frameworks, industry standards, and financial services regulatory requirements
• Proven expertise in data security, risk assessment and reporting, and control evaluation, design, and governance, with a record of implementing effective risk mitigation strategies
• Demonstrated ability to influence executive-level decision-making and translate technology insights into business strategies for senior leaders
• Working knowledge of cybersecurity-related regulations and compliance requirements (for example, General Data Protection Regulation, Payment Card Industry Data Security Standard, Sarbanes-Oxley, Federal Financial Institutions Examination Council)
• Understanding of applicable national and international laws, rules, regulations, policies, and ethics related to cybersecurity in the financial industry.
• Advanced knowledge of product development life cycle practices, service design, and data analytics

• Ability to build dashboards and metrics that communicate control effectiveness, cycle time, and risk posture to stakeholders.

Preferred qualifications, capabilities and skills

• Industry-recognized certification such as Certified Information Security Manager, Certified in Risk and Information Systems Control, Certified Information Systems Security Professional, Certified Information Systems Auditor, or similar
• Experience applying prompt engineering to improve stakeholder engagement, documentation quality, and process efficiency
• Familiarity with coding or scripting, data analytics, cloud control design, cybersecurity controls, and/or distributed technologies
• Experience automating control evidence collection and testing (for example, using application programming interfaces or scripts) to improve reliability and repeatability
• Data visualization and communication skills to explain complex risk and control topics clearly

#CTC

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. 

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.