Jobs · Finance · Illinois

Technology Risk and Controls [Multiple Positions Available]

JPMorganChase · Chicago, IL · Today
On-siteFinance$185k/yrFull-time

Duties

Provide guidance in creating risk-focused metrics across technology domains for managing interactive and App2App privileged accounts, internal and third-party system access, cloud data encryption services, and technology asset lifecycle management.

Conduct reviews of cyber and technology metrics, ensuring proper scoping, sourcing in-scope technology asset data, calculation logic, and threshold setting to maintain effectiveness.

Analyze metric data and breach patterns, facilitating the calibration of thresholds to ensure effective technology risk management.

Generate reports with breach commentary for technology control forums, providing insights into risk profile across cybersecurity and technology controls landscape.

Develop and maintain management guidance for metrics, ensuring alignment with the Organization's Operational Risk Metrics Policy and promoting adherence among metric owners and stakeholders.

Enhance service capability of the Metrics Program by streamlining operational procedures and operationalizing processes for metrics owners, driving improvements in the operational efficiency of metrics governance processes.

Work with risk pillars, process owners, risk & control managers from lines of business, product partners and second line of defense to implement data-driven approach for cyber & technology control compliance and risk management.

Support the enhancement of technology risk and controls management, aligning with strategic objectives, cybersecurity principles and industry standards.

Qualifications

Minimum education and experience required: Bachelor's degree in Engineering (Any), Computer Science, Information Security, or related field of study plus 7 years of experience in the job offered or as Technology Risk and Controls Lead, Project Manager, Process Consultant, Corporate Quality, or related occupation.

The employer will alternatively accept a Master's degree in Engineering (Any), Computer Science, Information Security, or related field of study plus 5 years of experience in the job offered or as Technology Risk and Controls Lead, Project Manager, Process Consultant, Corporate Quality, or related occupation.

Skills

This position requires five (5) years of experience with the following:

  • Governing technology risk, identifying, managing and reporting risks, overseeing risk remediation, and treatment of non-compliance issues in technology risk and information security management.

This position requires one (1) year of experience with the following:

  • Identifying and evaluating technology and cyber risks, including change implementation and operation failures;
  • Defining risk and control metrics and developing frameworks aligned with industry standards;
  • Creating strategic plans for GT Metrics and designing KPI & KRI risk metrics, including scoping and data sourcing;
  • Analyzing data flow diagrams and assessing ingestion tools for data flow capabilities;
  • Governing metric development, ensuring lifecycle adherence, and calibrating thresholds according to risk appetite;
  • Monitoring metric performance, escalating breaches, and reporting to control forums;
  • Driving GT Metrics process automation;
  • Analyzing the impact of changes on technology processes for response strategies.

Similar jobs

Technology Risk and Governance

Arrowstreet Capital, Limited PartnershipBoston, MA· 1 mo ago
Information Technology$110k–$315k/yrapply on arrowstreetcapital.wd5.myworkdayjobs.com