Compliance- Identity and Access Management Technology, Operational Risk, Executive Director

Job Description
Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.
As an Identity and Access Management (IAM) Technology Operational Risk Management Executive Director within the Compliance Conduct and Operational Risk Technology & Cybersecurity (CCOR Tech & Cyber) group, you will focus on providing independent oversight of IAM-related operational risk management practices across Lines of Business (LOBs), Regions, and Corporate Functions (CFs). Your role will involve ensuring compliance with technology and cybersecurity laws, rules, and regulations specifically related to identity and access management. You will be responsible for reviewing and assessing the governance of IAM processes and controls, identifying risks inherent in JPMorgan Chase's technology environment, and ensuring that access to systems and data is appropriately managed and secured. This includes evaluating the effectiveness of IAM frameworks, policies, and procedures, and ensuring that they align with industry best practices and regulatory requirements.
Job responsibilities

• Conduct in-depth inspections of IAM technologies within processes or firm-wide for compliance and effectiveness.
• Stay informed on IAM enforcement actions, regulatory changes, and emerging solutions for compliance.
• Respond to regulatory inquiries on IAM, providing documentation and insights to demonstrate compliance.
• Engage with cybersecurity teams to align IAM practices with the control environment.
• Review significant events where IAM is a factor to derive lessons learned and improve processes.
• Assess IAM-related technology risks and coordinate with application risk assessments.
• Evaluate IAM security risks in third-party relationships, focusing on technology expertise.
• Develop risk positions for new technologies, escalating and tracking risk items as necessary.
• Identify global risk concentrations, assess risks, and recommend control adjustments.
• Analyze Operational Risk losses and events to inform RCSA results and technology assessments.
• Participate in IAM governance forums to provide insights and drive strategic risk management initiatives.

Required qualifications, capabilities and skills

• BS or BA degree in computer science or possess equivalent experience.
• 10+ years in IAM cybersecurity or engineering roles.
• Deep understanding of IAM, PAM, and RBAC.
• Familiarity with MFA, SSO, and zero trust architecture
• Knowledge of cloud security and hybrid IAM implementations (Azure, AWS, GCP).
• Ability to assess and remediate IAM vulnerabilities and access control weaknesses.
• Hands-on experience with IAM tools like SailPoint, Okta, CyberArk, Microsoft Entra ID, and Ping Identity.
• Experience managing and securing Microsoft Active Director (AD) and Azure AD (Entra ID).

Preferred qualifications, capabilities and skills

• Expertise in GPO, Kerberos authentication, NTLM, and LDAP.
• Implementation of least privilege access, PAM, and administrative tiering in AD.
• Experience with ADFS, conditional access policies, and identity federation.
• Understanding of AD-related security threats and familiarity with Microsoft Defender for Identity and Azure AD Identity Protection.

About Us
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.
Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.