Tech Risk Assurance Lead-Technical SME
| Company | JP Morgan Chase |
|---|---|
| Location | New York, NY, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- 5+ years of experience or equivalent expertise in technology risk management, cybersecurity, or a related field, focusing on risk assessment and mitigation.
- Strong analytical skills and experience in data analysis and root cause analysis.
- Subject matter expertise in at least one of the following domains: Technology Operations, Vulnerability Management, Data Protection & Cryptography, Security Operations, Security Config, Technology Development/SDLC, Technology Resiliency or Identity and Access Management.
- Deep understanding of cyber risk scenarios for on-prem, SaaS and cloud-based solutions.
- Excellent command of cyber and operations risk management processes, principles, and architectural requirements.
- Demonstrated ability to work collaboratively with cross-functional teams.
- In-depth knowledge of current cybersecurity threats, trends, and best practices.
- Ability to prioritize and work under stringent timelines and lead within a cross-line of business technology organization.
- Keen understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity.
Responsibilities
- Collect and meticulously review findings and telemetry data to ensure comprehensive risk assessment. Utilize advanced data analytics to identify patterns and anomalies that may indicate potential risks, providing a comprehensive risk assessment.
- Conduct thorough root cause analysis to identify the underlying causes and themes of issues and incidents, developing actionable insights and recommendations to address these root causes and prevent recurrence.
- Leverage subject matter expertise in cybersecurity controls and technology operations to identify emerging issues and articulate associated risks clearly. Communicate risk findings to stakeholders in a manner that is both informative and actionable.
- Collaborate with cross-product and functional teams to analyze high-priority risks, evaluate gaps in related standards and controls, and create outputs that propel remediation plans, controls, and standards development.
- Prepare detailed reports and documentation of risk assessments, findings, and recommendations. Ensure all documentation is accurate, comprehensive, and accessible to relevant stakeholders.
- Develop and maintain strong business and technology relationships, becoming a trusted partner. Communicate risk and control findings with key stakeholders, develop recommendations, and provide accurate metrics and management reports.
- Stay abreast of the latest developments in technology and cybersecurity to continuously improve risk management processes. Implement innovative solutions to enhance the organization’s risk posture.
- Champion the adoption of emerging technologies and industry best practices to enhance the firm’s risk management capabilities and fuel continuous improvement initiatives.
Preferred Qualifications
- AI Prompt Engineering
- Expertise in Agile methodologies and ability to work with common frameworks.
- Relevant certifications in cybersecurity or risk management are a plus.
- Experience operating in environments governed under compliance, regulatory, or risk reduction controls.