Join our team to drive innovation in risk management and play a pivotal role in mitigating tech risks and upholding operational excellence. As a Tech Risk & Controls Lead in Cybersecurity and Technology Controls, you'll identify and mitigate compliance and operational risks, ensuring controls operate effectively and comply with standards. Collaborate with stakeholders to report on technology risk posture and its business impact.
As a Tech Risk & Controls Lead, you will be responsible for identifying, quantifying, communicating, and managing technology risk. You will partner with various stakeholders to develop and implement risk and controls governance processes, provide subject matter expertise, and execute reporting and governance of controls. Your advanced knowledge of risk management principles will enable you to drive innovative solutions and manage a diverse team.
Job Responsibilities:
1. Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations.
2. Partner with CTC M&A Architecture and Execution functions to develop and implement new risk and controls governance, evaluation, and oversight processes across the JPMC acquisition ecosystem.
3. Design and implement effective processes for standardized risk evaluation and reporting aligned to the new technical assessment services being executed by CTC M&A Architecture.
4. Partner with CTC M&A peers on the design and delivery of a new acquisition controls framework.
5. Provide Technology Risk and Controls subject matter expertise in the design and implementation of the CTC M&A continuous controls monitoring solution, including implementation of a new framework.
6. Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and informing governance work.
Required Qualifications, Capabilities, and Skills:
7. Significant experience or equivalent expertise in technology risk management, information security, or a related field, emphasizing risk identification, assessment, and mitigation.
8. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements.
9. Familiarity with Vanta CCM platform.
10. Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies.
11. Demonstrated ability to influence executive-level strategic decision-making and translate technology insights into business strategies for senior executives.
Preferred Qualifications, Capabilities, and Skills:
12. CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred.