Technology Risk and Controls [Multiple Positions Available]

DESCRIPTION:

Duties: Oversee GT and operational metrics, impacting cyber and tech risk management for business lines, entities, and compliance with regulators, safeguarding JPMC's reputation and integrity. Develop a framework ensuring metrics are relevant, comprehensive, and aligned with industry standards and regulatory requirements across control domains, including technology development, resiliency, and data protection. Act as the first line of defense by developing a strategic plan for GT Metrics, aligning with risk management and business objectives, covering controls and risk types for robust global metrics coverage. Enforce partnerships with second and third defense lines to ensure the metrics program meets stringent risk reporting criteria, fortifying compliance and risk management. Lead advisory roles with metric owners, providing guidelines and tactical solutions to define metrics' scope and thresholds. Drive automation of the GT Metrics process, enhancing efficiency, accuracy, and responsiveness in risk management. Lead collaboration with IT, operations, compliance, and audit teams to ensure an integrated approach to risk management, reinforcing the firm's security posture.

QUALIFICATIONS:

Minimum education and experience required: Bachelor's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus seven (7) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation. The employer will alternatively accept a Master's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus five (5) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation.

Skills Required: This position requires five (5) years of experience with the following: Identifying, assessing, and providing recommendations for mitigating risk in Information technology or information security settings. This position requires one (1) year of experience with the following: End-to-end designing and administrating risk and control metrics across the technology risk metrics lifecycle; Developing and implementing Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), sourcing and integrating data from multiple systems, calibrating metric thresholds based on risk appetite, conducting ongoing performance monitoring, executing breach escalation protocols, and preparing comprehensive reports for technology control forums; Reviewing the effectiveness and utilization of KPIs and KRIs across key technology domains, including Data Protection such as ensuring data confidentiality or compliance, Identity and Access Management such as monitoring secure access controls, Technology Resiliency such as assessing system uptime and recovery capabilities, Vulnerability Management such as tracking identification or remediating security gaps, the SDLC Lifecycle such as evaluating secure development and change management processes, and Security Configuration such as ensuring adherence to security baselines and standards. This position requires any amount of experience with the following: Supporting risk mitigation strategies through risk governance, control evaluation, monitoring, and reporting; Performing IT General Controls testing for Change Management, Logical Access, Management and Security, Incident Management, and Data Backup and Restoration to assess the effectiveness of existing controls; Assessing business processes to develop business impact analyses, risk assessments, and business continuity policies using risk management frameworks.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, discretionary incentive compensation which may be awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. In addition, please visit: https://careers.jpmorgan.com/us/en/about-us.

Job Location: 10 S Dearborn St, Chicago, IL 60603.

Full-Time. Salary:  $166,000 - $175,000 per year.

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. 

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.