Description

Are you ready to make a real impact in digital banking? Join our innovative team at JPMorgan Chase as we launch Chase Germany and revolutionize mobile banking. You'll be part of a diverse, collaborative environment where your ideas and expertise drive meaningful change. We offer unparalleled opportunities for career growth, skill development, and the chance to work with cutting-edge technology. Your contributions will help build the bank of the future and deliver exceptional experiences to millions of customers.

As a Technology Risk & Controls Lead in the Cybersecurity & Technology Controls team, you will analyze, consolidate, and support the production of reports on trends and metrics for a range of audiences, including management and external regulators. You will articulate cyber and technology risks, working closely with technical and non-technical control owners to drive actionable remediation. In this role, you will collaborate with stakeholders in a dynamic technical environment, helping to shape the future of digital banking in Germany. You will have the opportunity to grow your expertise and make a significant impact on our team and customers.

Job responsibilities

• Lead and mature cyber risk management activities across consumer banking products, providing thought leadership and guidance.
• Ensure technology risk is identified, quantified, communicated, and managed, including root cause analysis and recommendations.
• Develop, monitor, and report on cybersecurity KPIs and KRIs to enhance technology control effectiveness.
• Support and review technology controls against requirements, policy statements, and regulatory standards.
• Analyze and report on compliance at the LoB, firmwide, and regulatory levels.
• Build and maintain strong relationships with stakeholders, technology teams, and corporate functions.
• Facilitate oversight and business-as-usual risk activities.
• Deliver effective reporting on technology control performance.
• Collaborate with cross-functional teams to drive continuous improvement.
• Communicate complex technology and security risks to non-technical audiences.
• Mentor and support junior staff in risk management best practices.

Required qualifications, capabilities, and skills

• Bachelor's degree or equivalent combination of education and relevant experience.
• 8 years of relevant work experience in IT and cybersecurity controls.
• Expertise in banking regulations, EBA Guidelines on ICT and Security Risk Management, DORA, ISO27001, GDPR, and NIST frameworks.
• Experience with IT risk management operating models and three lines-of-defense frameworks.
• Proficiency in Cloud technologies and modern engineering practices, including containerization, chaos engineering, and CI/CD security.
• Advanced knowledge of information security domains, including risk and control assessments, access controls, regulatory compliance, technology resiliency, incident management, vulnerability management, third-party risk management, and data protection.
• Strong analytical skills and ability to deliver measurement and reporting for continuous improvement.
• Excellent communication skills and ability to collaborate with diverse teams.
• Technical understanding of Cloud and on-prem computing (Public - GCP & AWS, Private, Hybrid).
• Self-motivated with a desire to learn and operate on multiple tasks while maintaining high delivery standards.

Preferred qualifications, capabilities, and skills

• Certifications in CISA, CISM, CRISC, CISSP, CCSP, AWS, GCP, or similar.
• Experience with German regulatory requirements in consumer banking cybersecurity.
• Experience operating within a regulated industry.

About Us

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.