Posted in

Tech Risk and Controls Lead

Tech Risk and Controls Lead

CompanyJP Morgan Chase
LocationMcLean, VA, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
Degrees
Experience LevelSenior

Requirements

  • 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
  • Demonstrate strong public sector experience and a robust knowledge of NIST 800-53 and supporting controlling documents.
  • Proven ability to identify and isolate the security requirements embedded in any Request for Proposal (RFP) or expanded service and the demonstrated capacity to communicate that effectively to partners
  • Strong contracts background
  • Strong technical background and experience working closely with technical leaders and solutions architects.
  • Familiarity with US Government security requirements, regulations, and guidelines, have supported US federal pursuits
  • Experience with federal RFx compliance requirements.
  • Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
  • Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
  • Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives.

Responsibilities

  • Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
  • Develop and maintain robust relationships, becoming a trusted partner with various stakeholders, including Product Owners, Business Control Managers, and Regulators to facilitate cross-functional collaboration and progress toward shared goals.
  • Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
  • Identify to analyze, articulate, communicate, and track security compliance requirements as outlined by various global public sector clients
  • Work collaboratively with technology, product, and sales teams to evaluate Public Sector RFPs and RFIs, new product initiatives, and expanded product offerings
  • Independently gather, organize, and synthesize information from diverse payments stakeholders those from sales, engineering, solutions architecture, and other organizations
  • Contribute to proposal solutioning and strategy development sessions, asking clarifying questions to proactively guide content development in alignment with compliance guidelines
  • Curate, grow, and update resources to allow stakeholders of all types to self-service through the security criteria and understanding the compliance requirements embedded in government contracting.
  • Assist the ongoing FedRAMP effort to facilitate completion and going audit responsibilities
  • Drive continuous improvement initiatives related to the above responsibilities
  • Ensure candidates are comfortable creating documents that meet compliance requirements, align with sales objectives, provide clear technical and non-technical information, that help allow government customers to adopt JPMC payments services and products.

Preferred Qualifications

  • CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred