Apply Now    

VP, Governance Controls Officer - Risk Controls & Cybersecurity

Job Description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2 trillion and operations in more than 60 countries. The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity.

Corporate Technology & Risk’s (CT&R) purpose is to ensure the security and resiliency of the Firm's computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the Firm's risk posture.  CTR is comprised of the following disciplines: Compliance Technology, Oversight & Controls Technology, Legal & e-Discovery, Identity & Access Management, IT Risk & Controls, HR Real Estate & Global Services Technology and Third Party Risk Management.


Risk Control & Cybersecurity (RCC) supports the Corporate Technology & Risk (CTR) organization to identify, analyze, manage and mitigate information technology risks.  The RCC organization is comprised of the following disciplines:  TCO Services, Risk Assessment/Policies and Standards, Cybersecurity Risk Management & Architecture, Cybersecurity Production Management, Controls Assurance & Resiliency, Controls & Cyber Program Delivery Office, APAC Controls & Cybersecurity and Audit, Issue & Regulatory Management functions.


The VP, Governance Controls Officer will be expected to assist with influencing effective risk management and controls assurance and providing governance and oversight for businesses through risk consultancy, identification of control weaknesses and recommendations for improvement opportunities, providing training and reporting of risk issues.  Responsibilities include understanding the firm’s risk agenda, technology agendas, working with Chief Technology Officers and their management teams to efficiently accomplish both agendas. 



  • Provide consulting support to risk colleagues for Access Management related Standards & Policies.
  • Provide control and governance support for all Identity & Access Management (IAM) investment programs.  Conduct Program control assessments to ensure alignment with audit and regulatory expectations and to maximize value.  Assist with CTR Access Uplift Execution.
  • Partner with cross LOB I&AM groups to provide central leadership from RCC function to ensure consistency.
  • Accountable for the implementation of new and strategic initiatives related to risk controls or security products and toolsets.  Conduct risk metric reporting for various I&AM programs.
  • Identify, define, approve and implement continuous process improvements utilizing various tools and methodologies.
  • Manage operational risk and ensure compliance to all internal and external policies and regulations.  Ensure appropriate control environment is developed and maintained.  Ensure successful implementation of applicable action plans to address risk and control issues.
  • Provide oversight and governance support for RCC Inter Affiliate Services (IAS) outsourcing service arrangements.
  • Provide oversight and governance support for Line Level Controls program, exploring opportunities to expand scope of program.
  • Develop and maintain strong relationships with business partners.  Ensure communication is customer focused and professional.  Serve as point of contact for AU/I&AM Program related escalations.


Required Qualifications:

  • Bachelor’s Degree or equivalent work experience required; MBA or a Master’s degree in Risk Management or similar discipline preferred
  • Minimum 6 years experience in technology risk management
  • Minimum 2 years supervisory experience and demonstrated leadership capabilities
  • Familiarity with IT risk management framework and control self assessment process
  • Demonstrated experience in Identity & Access Management
  • Industry recognized certifications (CISA, CISM, CRISC) preferred

Key Competencies:

  • Excellent interpersonal and communication skills, including ability to negotiate, compromise and demonstrate diplomacy in sensitive situations and to interact effectively with senior management across diverse cultures
  • Ability to manage complex, critical and dynamic environment where work tasks vary and processes are changing
  • Highly organized, flexible, proactive with the ability to adhere to deadlines
  • Ability to effectively manage and prioritize multiple projects simultaneously and work successfully under time pressures
  • Proven executive presentation skills including the ability to communicate risk posture clearly and concisely
  • Ability to mentor and provide strategic view into talent development
  • Ability to manage and drive technology risk management projects
  • Proven leadership skills with excellent track record in delivering high performance
  • Customer focused and professional
  • Strategic thinker; makes appropriate business decisions and gains cooperation of others
  • Results oriented; ready to challenge the status quo for continuous improvement
  • Strong interpersonal and team building skills
  • Strong analytical skills and attention to detail
  • Self motivated, results oriented
  • Strong understanding of information security and risk and control policies
  • High level of energy and can work under pressure with minimal supervision
  • Knowledge of IT Risk Standards and User Access Management Policies
  • Flexible to travel when required based on business demands
Req #: 160036937
Location: Tampa, FL US
Job Category: Technology
Employment Type: Full Time
Potential Referral Amount: 5000 US Dollar (USD)

Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Join Now

Privacy Statement

Any information you provide is confidential and will only be viewed by our recruiters in an effort to fill open positions. In addition, the information you provide is subject to our privacy policy practices.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

Need disability related assistance?

If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please contact us by calling (US and Canada Only) 1-866-777-4690. Please indicate the specifics of the assistance needed.

Keep in touch

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.