Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.
As a Technology Operational Risk Officer within our Risk Assessment team, you will apply a data-first risk approach and strong understanding of modern software engineering, cloud, cybersecurity, and AI-enabled development to identify and assess technology and cyber operational risk in the Wealth Management line of business. You will evaluate whether risks are effectively managed and provide pragmatic, evidence-based guidance—particularly as engineering teams adopt coding assistants and agentic AI capabilities that introduce new security, resilience, and data risks.
Job responsibilities:
- Perform independent Technology and Cybersecurity operational risk assessments for Wealth Management technology assets using a data-first approach to identify and mitigate potential risks
- Use Python and SQL to analyze large data sets and risk telemetry (e.g., incidents, change, vulnerability, access, control results) to produce actionable insights, including identifying areas of unmanaged risk
- Identify technology operational risks driving the root cause of production issues (availability, performance, reliability, capacity) that disrupt technology services or business functions
- Assess technology and cyber risks associated with strategic change programs, including cloud migrations, platform modernization, and adoption of AI-enabled tooling
- Evaluate risks arising from coding assistants and agentic AI use in the SDLC
- Identify thematic risk based on KRI/KPIs and control performance reporting; spot trends across incidents, vulnerabilities, change failures, and operational health
- Provide clear, practical recommendations to developers and product teams to improve operational resilience and cyber risk management (e.g., secure-by-design, least privilege, SDLC controls, testing, monitoring)
- Keep stakeholders informed on Technology and Cyber risk status for Wealth Management, including material risk themes, emerging risks, and remediation progress
- Research external events and evolving threats (including AI-related attack patterns) and evaluate potential impact to the line of business
Required Qualifications, Capabilities and Skills:
- Bachelor’s degree in Computer Science, Engineering, Data Analytics, or a related field
- Proficiency in SQL and Python analytics
- Strong understanding of modern SDLC practices and controls: testing/quality, CI/CD, change and release management, and production support/incident management
- Working knowledge of cloud and contemporary engineering patterns (e.g., APIs, microservices, containers, infrastructure-as-code concepts) and how they affect operational and cyber risk
- Foundational cybersecurity knowledge, including common application and data risks (e.g., secrets handling, authentication/authorization, vulnerability management, secure configuration)
- Awareness of AI-enabled development and agentic AI risk considerations, including data confidentiality, prompt injection/indirect prompt injection, tool/connector risk, and governance/controls needed for safe adoption
- Strong communication and collaboration skills, with ability to convey complex technical concepts to non-technical stakeholders effectively
- Confidence to debate how a risk is being managed while maintaining constructive working relationships with business counterparts
- Commitment to continually develop skills in cybersecurity, technology operations, risk management, and emerging AI risks
**Preferred Qualifications, Capabilities and Skills: **
- Proficiency in Pandas, NumPy; visualization a plus