Description

As a world leading bank, our culture is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As a Technology & Cyber Risk Management Lead in our Technology & Cyber CCOR organisation you will have the opportunity to materially contribute and develop the Technology Compliance programme through your deep knowledge and experience of European and Global technology and cybersecurity laws, rules and regulations. You will work closely with the wider Technology & Cybersecurity CCOR team who is responsible for the design, implementation and oversight of the 2nd Line of Defence independent risk management program for technology and cybersecurity risks. As part of the team, you will also be able to broaden this platform to work on legal entity, regional and global initiatives, in addition to being part of local and firmwide community, and Diversity, Opportunity and Inclusion initiatives.

Job responsibilities

• Provide guidance to Technology on people, process, programs, projects and products related to regulatory requirements for resiliency, outsourcing, data loss prevention, Privacy, AI and cloud technology
• Review regulations and impact assessments, and work with divisional partners to advise the relevant owners on the development of policies and procedures within the legal entity and across other group legal entities as necessary
• Keep abreast of emerging technologies and related regulatory and legislative changes and provide advice to enable Technology and the business to implement applicable changes and operate in a compliant and controlled manner
• Support the review of significant events (including security events) over a defined economic threshold, including but not limited to, examination of event and resolution, back-testing against the firm's risk management framework results, metrics, escalations, reporting, and scenarios
• Provide guidance for appropriate application of policies, standards and procedures by employing data analytics on critical systems of records to identify potential issues and areas of risk in a highly efficient manner
• Provide guidance related to the adoption of technologies including Cloud and AI/ML
• Participate in the assessment of emerging risks as part of strategic business risk reviews, analysis of regulatory and market developments, New Business Initiative Approvals and review of external risk events
• Collaborate and engage with the regional or line of business conduct, compliance, and operational risk leads
• Build strong relationship with Technology stakeholders as their trusted strategic advisor

Required qualifications, capabilities, and skills

• Strong expertise in architecture, design and operation of highly complex systems for global businesses, preferably financial markets
• Strong analytical skills and a growth mindset keeping abreast of innovative use of technology and emerging technologies including agentic systems and Quantum
• Professional experience in risk management, compliance, or technology-related fields.
• Strong technical experience in technology, cybersecurity, governance, operational risk or technology compliance within the financial services industry or experience in an equivalent role in the technology industry
• Knowledge and experience with Information Security and Risk Management standards and frameworks such as NIST, ISO 27001/27002 and modern development practices and supporting toolsets (e.g. Agile, DevOps, AI assisted coding)
• Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required
• Understanding of technology risk management and control principles with a proven ability to anticipate and identify risks and effective mitigating actions
• Strong organizational, project management, data analysis and modern data analytic techniques, multi-tasking and stakeholder management skills with demonstrated ability to manage expectations and deliver results with a high level of professionalism, self-motivation, and integrity
• Experienced in using AI tools to support data analytics and preparation of deliverables

Preferred qualifications, capabilities, and skills

• EMEA technology regulatory knowledge is preferred and an understanding of EU regulation (i.e. DORA, EU AI Act, , NIS etc.)
• Professional IT and Information Security certifications such as CISSP, CISA, CISM, CRISC, CGEIT as well as Cloud related certifications (e.g. CCSP, AWS Certified Practitioner) are beneficial
• Knowledge of innovative and automation technologies and supporting toolsets such Alteryx, UiPath, Qlik sense, Tableau etc
• Experience of implementing innovative methods of overseeing risks using modern data driven and analytical techniques would be a key advantage.

About Us

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

About the Team

\n Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.\n
\n
\n
\n
\n
\n Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.\n