Tech Risk & Control Lead - Audit & Issue Management

Duties/Responsibilities include but are not limited to:

• Work with all three JPMC Lines of Defense to ensure the accuracy of statements and identified risk
• Partner with other Tech Risk & Control personnel to ensure appropriate root cause analysis to confirm thorough understanding of findings/observations
• Ensure only qualified risks are entered into CORE and adhere to GRC quality requirements for Issues
• Provide auditability, risk, and sustainability advisement and approval for all identified Issues
• Ensure Issue Action Plans (APs) sufficiently and sustainably address the identified risk

• Review/approve all Issue and AP closure documentation

• Establish and maintain strong relationships with internal and external stakeholders, including key cross-functional team leads, to ensure compliance with Firm Issue Management Standards and Procedures

• Respectfully challenge viewpoints of all three Lines of Defense

• Review/approve all Issue and AP completion evidence

This role requires a wide variety of strengths and capabilities, including:

• 5+ years of experience in technology audit, expertise in technology risk management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation

• In-depth experience in audit and risk management practices/functions

• CISA designation required, CRISC designation preferred

• Advanced knowledge of IT control frameworks

• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection

• Experience working across large complex business and technical environments

• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals