Compliance - Technology Operational Risk Management Lead (Employee Platforms) - Vice President

JobID: 210561449

Category: CCOR LOB/CF/Country Coverage

JobSchedule: Full time

Posted Date: 2024-10-01T13:38:09+00:00

JobShift:

Base Pay/Salary: Brooklyn,NY $147,250.00-$215,000.00; New York,NY $147,250.00-$215,000.00; Jersey City,NJ $147,250.00-$215,000.00

Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance (RM&C), you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk RM&C is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As a Technology Operational Risk Management Lead for the Employee Platforms (EP) team within Compliance, Conduct and Operational Risk Technology & Cybersecurity (CCOR T&C), you will evaluate and identify control design and/or execution deficiencies of the first line's delivery of risk & controls framework, control integration & assessment, risk treatment & analytics, and governance and reporting practices.

CCOR T&C is a group within the Compliance, Conduct and Operational Risk (CCOR) organization and is responsible for the design and oversight of the second line of defense independent risk management program for Technology and Cybersecurity risks, leveraging the Operational Risk Framework, regulatory guidance (e.g., FFIEC, Heightened Standards, etc.) and laws, rules, and regulations.

The Tech & Cyber Operational Risk Lead covering the Employee Platforms area will support efforts to identify and assess risks across multiple technology risk domains, execute a risk-focused deep dive and targeted review strategy to evaluate control coverage and effectiveness, and provide independent challenge in product and risk pillar governance engagements. The successful candidate should be able to leverage experience in risk management, control implementation, compliance management, and an understanding of technology to identify operating control or process deficiencies within the technology stack or organization that may result in operating disruption, compliance, or security issues. In addition to executing a risk oversight plan, the ideal candidate will demonstrate the ability to develop and maintain credible relationships with first-line stakeholders across product and first line of defense risk pillars.

Job Responsibilities

• Identify operational risks stemming from expanding adoption of evolving Employee Platform products globally.
• Challenge first-line control designers and operators across all applicable control domains.
• Execute risk management, deep dive risk evaluations, and targeted review activities to identify operational and compliance risks during the development lifecycle.
• Identify opportunities to improve policy and standards that promote risk and control effectiveness in the product space.
• Monitor and assess all significant operational risk events (incidents).
• Support expanded focus on Third Party and Resiliency risks present in the EP product space.
• Assess the governance practices pertaining to the development, adherence and maintenance of technology policies, standards, and procedures.
• Evaluate Global Technology's framework to ensure sustainable industry best practice, regulatory and threat-informed risk and controls.
• Identify thematic risk based on key risk indicators and key performance indicator metric performance.
• Assess prioritization and treatment of control findings for Global Technology, along with action-oriented reporting to support operational risk decisions.
• Execute monitoring and testing activities to detect operational risks introduced throughout the technology lifecycle.

Required qualifications, capabilities, and skills

• Bachelor's degree in Computer Science, Information Systems, or a related field.
• 5+ years of experience in technology risk management and controls governance
• Knowledge of industry frameworks such as NIST, ISO, FFIEC, FSP and Heightened Standards.
• Familiarity with laws and regulations related to tech & cyber including privacy and outsourcing
• Strong written, verbal, analytical and problem-solving skills
• Ability to successfully communicate and influence management on all levels.
• Ability to work independently or with limited instruction.