JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.
Corporate Technology & Risk (CTR) delivers streamlined and consistent solutions supporting JPMorgan Chase’s Controls, Compliance, Legal, HR and IT Risk agendas, with a focus on stability, delivery, efficiencies and people. The goal of CTR’s drive to standardization, consistency and simplicity is a JPMorgan Chase architecture that fosters long-term productivity, quality and innovation across the entire enterprise. The disciplines within this organization are Compliance Technology, Oversight & Controls Technology, Legal & e-Discovery, Identity & Access Management, IT Risk & Controls, HR Real Estate & Global Services Technology, and Third Party Risk Management.
Technology Controls Program and practices’ purpose is to ensure the security and resiliency of the Firm’s computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the Firm's risk posture.
IT Risk and Controls: Oversight and governance of IT Risk across the firm including IT Risk posture, IT Risk assessment framework, IT regulatory compliance and IT policies and standards. In responding to this growth the Global Technology Controls Office (GTCO), is responsible for delivering a well controlled, resilient, compliant and secure technology environment through proactive risk and controls management and an embedded self sustaining controls culture. As a 1st Line of defense function GTCO work in partnership with our CIOs, CTOs, TCOs, ADMs, DBAs, etc. to deliver continuous improvement of our technology controls environment. CTCO provide the framework, methodology, tools and expertise to help design and embed a robust world class controls environment. In addition, we provide the necessary oversight and continuous assessment of Global Technology’s risk and controls profile.
This role will be responsible for ensuring that the tools used to assess the control environment globally across all JPMC lines of business (LOBs) are defined and developed in line with expectations. This person will play a crucial role in defining what the tools need to be capable of by managing business expectations with system functionality and ensuring that all business requirements are fully vetted with all necessary stakeholders. The individual in this role will also help to analyze firm wide control trends globally. A major part of the role is client servicing. The program’s stakeholders are split across each Line of Business within the Technology Control Organization. Maintaining relationships with all stakeholders in crucial in ensuring this role can be an influencer for pushing the program’s agenda forward.
The role will manage a team of Business Analysts and Risk Strategists and will be required to enforce sound SDLC controls and drive the program’s governance and adherence.
Manage governance of program ensuring adoption within the LOBs of program expectations and liasing closely with LOB Stakeholders to drive the program forward.
Application Risk Assessment Control Standard Owner.
Identify opportunities for efficiency within the program and drive changes through influencing stakeholders.
Lead business requirements sessions to document enhancements needed to the tools used to manage the program and to ensure end users needs are addressed.
Vet all requirements for the tool with necessary stakeholders setting expectations on the tool capabilities.
Manage releases to include new business requirements as requested. This role will be responsible for managing the UAT schedule, UAT preparation, UAT execution, Defect Management, and post implementation support.
Communicate effectively with LOBs on application and framework changes.
Drive program governance and framework changes across the firm leveraging the stakeholders across all LOBs to influence decisions/agreements across all stakeholders
Subject Matter Expert in the Application Risk Assessment Program to be point of contact for any identified process gaps to escalate to management as necessary.
8-10 minimum years of experience in the following fields: information risk management, information security management, operational risk, IT control environments
5+ years experience managing a team
Global experience is a must
Experience authoring business requirements documentation and other general SDLC knowledge from the business perspective
Ability to develop strong client and working relationships with the team is a must
Ability to be flexible, follow tight deadlines, organize and prioritize work
Clear, concise, and confident communicator (written & verbal)
Expertise in MS Office Suite, including PowerPoint, Excel, Project, Access
Strong Project Management, Change Management Skills
Ability to change direction and adjust priority as needed by senior management
Business Intelligence Reporting Tools Knowledge – in particular Cognos
Knowledge of SOX and FFIEC requirements desired
Knowledge of COBIT and ITIL standards desired
ISACA certifications desired (CRISC, CISM, CISA, CGEIT)
CISSP certification desired
Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.
The firm invites all interested and qualified candidates to apply for employment opportunities.
If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please contact us by calling (US and Canada Only) 1-866-777-4690. Please indicate the specifics of the assistance needed.