Compliance - CCOR Risk Management Director - Executive Director

Bring your expertise to JPMorganChase. As part of Risk Management and Compliance, you are at the center of keeping JPMorganChase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As an Executive Director in Data and AI Compliance, Conduct and Operational Risk (CCOR), you will provide second line of defense (2LoD) independent oversight across the Chief Data & Analytics Office (CDAO) Product and Platform organization, with a focus on Data/AI platforms, model ingestion and onboarding, agentic systems, and external AI services. You will develop and execute targeted review strategies across the AI technical supply chain—data flows, integrations, access controls, logging/traceability, and data residency—ensuring products and platforms operate within the firm’s risk appetite and align to regulatory expectations.

Your role will report to the Head of AI, CCOR, and provides independent 2LoD oversight across the CDAO Product & Platform data and AI portfolio, spanning internally built products and third‑party/SaaS capabilities (e.g., data access and connectivity, governance/lineage/metadata, model development and notebooks, model serving, agentic capabilities, and managed data/AI platforms). You will assess whether risks are appropriately identified and controlled throughout the product lifecycle (including logging/traceability, data residency, third‑party risk, access/entitlements, and human‑in‑the‑loop safeguards where applicable), challenge and influence teams to remediate gaps, and escalate through governance channels or other mechanisms when needed to achieve acceptable risk outcomes.

Job Responsibilities

• Provide strategic guidance and proactive 2LoD oversight through targeted assessments of CDAO Product & Platform governance, processes, and control environments across the data and AI portfolio.
• Apply technical architecture expertise to challenge how data/AI services are designed and consumed (e.g., APIs, managed services, model gateways, identity and access patterns, orchestration layers), with a focus on secure control points and end-to-end auditability.
• Drive first line accountability for defining and reporting meaningful KRIs and control evidence (e.g., logging/traceability, data residency adherence, third-party dependencies, exception trends), and challenge content, quality, and outcomes as needed.
• Serve as an independent challenger for third-party/SaaS and managed AI platforms, validating risk and control expectations for data sharing/egress, vendor usage constraints, and operational resilience.
• Oversee governance for GenAI and agentic systems (including tool-enabled assistants and external model integrations), ensuring proportionate guardrails, least-privilege access, human oversight where required, and defined stop/containment mechanisms.
• Provide 2LoD oversight of foundational data governance products (inventory/CDE, metadata, lineage, catalog, data quality), ensuring they enable compliant data use and support obligations such as BCBS 239 across CDAO Product & Platform.
• Influence and reinforce right risk behaviors within Product & Platform teams by requiring appropriate SME engagement, clear ownership, timely remediation, and consistent follow-through to closure.
• Stay current on evolving AI regulations and AI risk frameworks and translate them into actionable oversight expectations, review checklists, and audit-ready documentation.

Required qualifications, capabilities and skills

• Significant relevant experience in (a) data/AI product and platform delivery with strong control-by-design practices, or (b) risk/governance oversight across data/AI and cloud with demonstrated independent challenge; 
• Demonstrated ability to operate with credible challenge and strong governance discipline (e.g., driving first line ownership, reviewing evidence, documenting risk positions, and escalating issues to resolution), while collaborating effectively with senior stakeholders and partners.
• Demonstrable technical architecture fluency, with experience assessing and challenging designs for data/AI platforms and integrations (APIs and managed services, security gateways, IAM/least privilege, logging/observability, data residency and egress controls).
• Strong understanding of AI/LLM capabilities and risks across the lifecycle (model onboarding/ingestion, retrieval/RAG patterns, model serving) and associated control points (traceability, access, data handling), including assessing control design and operational effectiveness in fast-changing environments.
• Experience with agentic AI architectures and tool-enabled assistants (e.g., overseeing “Claude Code”-style deployments), including guardrails, access boundaries, traceability, and human oversight appropriate to risk.
• Strong analytical and issue-spotting capability to drive risk decisions.
• Excellent communication and counseling skills (including client-facing experience), with ability to translate complex technical topics into clear risk positions, influence outcomes, prioritize across competing demands, and drive closure on remediation action

Preferred qualifications, capabilities and skills

• Awareness of evolving AI regulations and AI risk frameworks, with ability to translate them into practical governance, controls, and operating model requirements (e.g., EU AI Act, NIST AI RMF; familiarity with NIST/ISO is beneficial)
• Experience in a regulated environment is preferred (including roles within major cloud/service providers supporting regulated customers).

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. 

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.

Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.