Vice President – Technology Risk & Controls
| Company | JP Morgan Chase |
|---|---|
| Location | Plano, TX, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior, Expert or higher |
Requirements
- 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
- Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
- Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
- Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
- In depth understanding of cybersecurity frameworks and standards (e.g, NIST, CIS) and industry best practices to ensure compliance and enhance security posture.
- Familiarity with security concepts such as Vulnerability Management (CVE/NVD), cloud computing (AWS), EDR, SIEM, and SOAR.
Responsibilities
- Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
- Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
- Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
- Understand common cyber threats and vulnerabilities, provide advice on risk management strategies, and support the implementation of technical risk mitigation measures.
- Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
- Proactively manage Metrics and KRIs to identify non-compliance and assist in remediation with compensating controls to address security risk and controls gaps.
- Support the development and execution of the firm’s Vulnerability Management (VM) program, ensuring timely identification, assessment, and remediation of vulnerabilities across all technology platforms.
Preferred Qualifications
- CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred