Tech Risk Assurance Director

As a Tech Risk Assurance Director at JPMorgan Chase within the Risk Intelligence & Advisory (RIA) Team, you are an integral part of a team that works to identify, dimension and mitigate technology and infrastructure related risk. You will drive significant business impact through your focus on the identification, analysis, and management of technology risks, leveraging the depth and breadth of your background across cybersecurity and technology risk management. This role provides an exciting opportunity to collaborate with cross-product and functional teams, stay abreast of the latest developments in technology, resiliency and cybersecurity, and implement innovative solutions to reduce the organization/s systemic technology risk.

Job responsibilities

• Steer the development and implementation of robust risk management policies, standards, and controls, fostering a strong risk culture and promoting risk awareness and accountability across the Firm.
• Lead and collaborate with cross-functional project teams to deep-dive into identified risks, understand systemic failures and issues enabling the risk, and work with appropriate teams to craft remediation plans.
• Oversee execution of comprehensive risk assessments, control evaluations and thematic/strategic risk analysis. Utilize advanced analytics, cutting edge tools and emerging tech to identify patterns and anomalies that help dimension enterprise risk.
• Design and implement a structured service catalog covering intake, prioritization, scoping, data collection, analysis and output templates.
• Develop and maintain strong business and technology relationships, becoming a trusted partner. Communicate risk and control findings with key stakeholders, develop recommendations, and provide accurate metrics and management reports.
• Stay abreast of the latest developments in technology and cybersecurity to continuously improve risk management processes. Implement innovative solutions to enhance the organization's risk posture.
• Champion the adoption of emerging technologies and industry best practices to enhance the Firm's risk management capabilities and drive continuous improvement initiatives.

Required qualifications, capabilities, and skills

• Formal training or certification on technology risk management, cybersecurity, or a related field, focusing on risk assessment and mitigation and 7+ years of applied experience.
• Subject matter expertise in at least one of the following domains: Technology Operations, Vulnerability Management, Data Protection & Cryptography, Security Operations, Network Architecture, Technology Development/SDLC, Technology Resiliency or Identity and Access Management
• Proven experience in leading teams, managing cross-functional projects, and implementing risk management policies and processes.
• Proven experience in leading projects from scoping through delivery and tailoring polished deliverables to customer needs.
• Strong knowledge of current cybersecurity threats/trends, industry regulations, guidelines, and best practices, such as NIST, ISO, FFIEC, and GDPR.

Preferred qualifications, capabilities, and skills

• Strong executive communication skills to include the ability to concisely present and effectively communicate technical topics to a wide array of stakeholders.
• Aptitude to navigate ambiguous tasking, decompose complex problems and develop technical solutions or mitigating controls to align security with business objectives.
• Relevant education (bachelor’s, master’s) and industry recognized certifications (e.g. CISSP, CRISC, GIAC)