Technology Risk and Controls - Executive Director

Job Description
We know that people want great value combined with an excellent experience from a bank they can trust, so we launched our digital bank, Chase UK, to revolutionize mobile banking with seamless journeys that our customers love. We're already trusted by millions in the US and we're quickly catching up in the UK - but how we do things here is a little different. We're building the bank of the future from scratch, channeling our start-up mentality every step of the way - meaning you'll have the opportunity to make a real impact.
As the Technology Risk & Controls Director within the International Consumer Bank at JPMorgan Chase, you will be part of a flat-structure organization. You will deliver end-to-end cutting-edge solutions through cloud-native microservices architecture applications, leveraging the latest technologies and best industry practices. Your role involves engaging in the design and architecture of solutions while focusing on all stages of the SDLC lifecycle.
Our Cybersecurity and Technology Controls team is central to this initiative, aiming to bring innovative ideas to our customers. We seek team members with a curious mindset who thrive in collaborative squads and are passionate about new technology. Our team members are solution-oriented, commercially savvy, and have a strong interest in fintech. We operate in tribes and squads dedicated to specific products and projects, offering opportunities to move between them based on your strengths and interests. While professional skills are essential, we equally value culture and diversity of thought, experience, and background. By fostering diverse perspectives, we aim to represent everyone and reflect the communities we serve, allowing you to make a significant impact on our company, clients, and business partners globally.
Job responsibilities

• Lead the maturity of cyber risk management activities across consumer banking products and provide thought leadership and guidance to peers and senior management.
• Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed, including recommendations for resolution and identifying the root cause/key themes.
• Provide security engineering and design support to technology teams and ensure controls are hardened through testing and as part of production deployments.
• Provide first line oversight and monitoring of key risks across technology, including core architecture and infrastructure, data management, development, and cyber security.
• Ensure regional oversight and governance by leveraging specific KPIs and KRIs.
• Work closely with the security architecture teams to ensure security controls are reviewed as part of new product designs or current product enhancements.
• Interface with technology and other supporting corporate functions on an on-going basis for business-as-usual risk activities, reporting, and project initiatives.
• Evaluate regulatory and policy changes relating to cybersecurity and technology impacting the International Consumer business.

Required qualifications, capabilities, and skills

• Hold a bachelor's degree or possess an equivalent combination of education and relevant experience.
• Demonstrate experience with retail banking regulatory requirements in cybersecurity domains.
• Apply knowledge of cloud technologies and modern engineering practices, including containerization, access management, monitoring, and CI/CD security.
• Possess advanced understanding of multiple IT and cybersecurity controls and regulatory requirements, with experience in large-scale environments.
• Communicate effectively and collaborate with high-performing teams and individuals to achieve shared goals.
• Explain complex technology and security risks to non-technical audiences with clarity.
• Utilize strong proficiency in MS Office tools to create high-quality deliverables for internal and external stakeholders.
• Show expertise in information security domains such as policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, governance and metrics, incident management, secure systems development lifecycle, vulnerability management, third-party risk management, and data protection security.
• Apply analytical skills to solve and communicate complex problems, perform data analytics, and drive continuous improvement through measurement and reporting.
• Demonstrate expertise in application and infrastructure high-availability and resiliency architectures.
• Operate effectively within regulated industries, leveraging IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and risk intelligence capabilities.

Preferred qualifications, capabilities, and skills

• Certified in CISA, CISM, CRISC, CISSP, CCSP, AWS Certified Security, and/or AWS Certified Solutions Architect or similar

#ICBCareers
About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.