Apply Now    

Technology Controls Officer (TCO)

Job Description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.

The Technology Controls Team is responsible for IT risk coverage for JPMorgan Chase's Risk & Finance Technology (RFT) line of business. The goal of this team is to consistently identify, assess, and manage technology risks across all environments. Where controls are not adequate, this team escalates those concerns and assists with driving improvements to the overall control environment. To accomplish this goal, the team partners with corporate groups including the Global Privacy Office, Corporate ITRM, Audit, and the RFT Technology teams. The team also serves the business in a consultative manner, providing guidance to the business on addressing identified technology risks.
 
As a Technology Controls Officer, you will support Control Self Assessment (CSA) reviews, IT risk management oversight, facilitate remediation efforts as needed and support reporting for LOB management.
 
The RFT TCO team supports all of the Information Security and Technology Risk Management for their groups within the Risk and Finance Technology organization, as well as the Risk functions for the firm. This lead role will be expected to use their experience and knowledge to contribute to the wider strategy implementation for Risk & Finance Technology and manage relationships successfully with senior management in the business, technology and corporate functions, such as Internal Audit.  The TCO Team works closely with the Control functions to ensure that they meet all corporate policy and standards as well as specific requirements for risk as a function, and will work on special projects to enhance controls leveraging skills and expertise across the corporate sector and the firm.
 
The key responsibilities of the Information Risk Manager include:
  • Take a leadership role in working with CTO’s and their organizations to ensure the RFT TCO strategy is executed
  • Work with a team of Technology Control specialists to ensure the technology risk environment is controlled and risks minimized, breaking down data to provide groups with their specific view of the current state of Controls and Residual Risk
  • Assist in interpreting corporate control guidelines and policies, communicating these clearly alongside current status, and guide constituents to ensure compliance in a pragmatic fashion
  • Ensure information risk control issues/gaps are documented clearly and remediation plans are developed to address them, as well as investigating and resolving control incidents
  • Participate and, where appropriate, lead projects to improve or remediate controls with scope varying from individual groups to RFT as a whole
  • Coordinate interaction with internal and external audit on control requirements and/or issues.  Ensure information from past audits is leveraged to improve controls across the entire area.
  • Build a culture focused on awareness of the technology risk environment, utilizing existing training materials and developing content, where applicable
  • Assist with monitoring existing technology issues and actions and support the closure verification process, negotiate remedial actions and due dates
  • Enforce compliance with Firm-wide risk reduction programs  
  • Assist with the quality assurance review of various control assessment programs
  • Leverage scorecards to help Technology Controls Team manage internal objectives (e.g., timely completion of assessments, action plan closure status)
  • Identify opportunities for process improvements to deliver increasing efficiency within assessment framework

  • 8+ years of experience in IT, IT Risk management, Audit or equivalent
  • Proficient and capable to communicate the Inherent Risk and Control effectiveness to others
  • Proficient risk assessment, interpretation, analytical and negotiation skills
  • Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings with senior management
  • Knowledge of current regulatory impact and expectations on technology per Sarbanes Oxley, Gramm-Leach Bliley Act, Frank-Dodd, Basel and other regulations affecting Risk and Finance
Req #: 160036416
Location: Brooklyn, NY US
Job Category: Technology
Employment Type: Full Time
Potential Referral Amount: 5000 US Dollar (USD)

Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Join Now

Privacy Statement

Any information you provide is confidential and will only be viewed by our recruiters in an effort to fill open positions. In addition, the information you provide is subject to our privacy policy practices.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

Need disability related assistance?

If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please contact us by calling (US and Canada Only) 1-866-777-4690. Please indicate the specifics of the assistance needed.


Keep in touch

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.