What you'd actually do

Collect and meticulously review findings and telemetry data to ensure comprehensive risk assessment. Utilize advanced data analytics to identify patterns and anomalies that may indicate potential risks. providing a comprehensive risk assessment.

Conduct thorough root cause analysis to identify the underlying causes and themes of issues and incidents, developing actionable insights and recommendations to address these root causes and prevent recurrence.

Leverage subject matter expertise in cybersecurity controls and technology operations to identify emerging issues and articulate associated risks clearly. Communicate risk findings to stakeholders in a manner that is both informative and actionable.

Collaborate with cross-product and functional teams to analyze high-priority risks, evaluate gaps in related standards and controls, and create outputs that propel remediation plans, controls, and standards development.

Prepare detailed reports and documentation of risk assessments, findings, and recommendations. Ensure all documentation is accurate, comprehensive, and accessible to relevant stakeholders.

Skills

Required

6+ years of training or experience in cybersecurity with a strong understanding of threat modeling and risk assessment.
Strong analytical skills and experience in data analysis and root cause analysis.
Familiarity with industry standards and best practices for cyber risk management.
Subject mater expertise in at least one of the following domains: Vulnerability Management, Data Protection & Cryptography, Security Operations, Security Config, secure SDLC, Identity and Access Management.
Deep understanding of cyber risk scenarios for on-prem, SaaS and cloud-based solutions.
Excellent command of cyber and operations risk management processes, principles, and architectural requirements.
Demonstrated ability to work collaboratively with cross-functional teams.
In-depth knowledge of current cybersecurity threats, trends, and best practices.
Ability to prioritize and work under stringent timelines and lead within a cross-line of business technology organization.
Keen understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity.

Nice to have

AI Prompt Engineering
Hands-on experience with security testing, simulations, or tabletop exercises
Knowledge of cloud security principles and securing modern architectures (e.g. containers, micro-services)
Relevant certifications in cybersecurity or risk management are a plus
Experience operating in environments governed under compliance, regulatory, or risk reduction controls

We are seeking a highly skilled candidate with a strong background in cybersecurity and a keen ability to gather and review findings and telemetry data, conduct root cause analysis, and articulate risk effectively.

As a Cybersecurity - Tech Risk Lead at JPMorgan Chase within Cybersecurity Technology & Controls, you will play a pivotal role in ensuring the security and resilience of our systems and data. You will focus on the identification, analysis, and management of cyber risks, leveraging your expertise in cybersecurity to strengthen defenses, minimize vulnerabilities, and ensure compliance with security standards. You will have the opportunity to gather and review findings and telemetry data, conduct root cause analysis, and articulate risk effectively. This role provides an exciting opportunity to collaborate with cross-product and functional teams, stay abreast of the latest developments in technology and cybersecurity, and implement innovative solutions to enhance the organization's risk posture.

Job Responsibilities:

Collect and meticulously review findings and telemetry data to ensure comprehensive risk assessment. Utilize advanced data analytics to identify patterns and anomalies that may indicate potential risks. providing a comprehensive risk assessment.
Conduct thorough root cause analysis to identify the underlying causes and themes of issues and incidents, developing actionable insights and recommendations to address these root causes and prevent recurrence.
Leverage subject matter expertise in cybersecurity controls and technology operations to identify emerging issues and articulate associated risks clearly. Communicate risk findings to stakeholders in a manner that is both informative and actionable.
Collaborate with cross-product and functional teams to analyze high-priority risks, evaluate gaps in related standards and controls, and create outputs that propel remediation plans, controls, and standards development.
Prepare detailed reports and documentation of risk assessments, findings, and recommendations. Ensure all documentation is accurate, comprehensive, and accessible to relevant stakeholders.
Develop and maintain strong business and technology relationships, becoming a trusted partner. Communicate risk and control findings with key stakeholders, develop recommendations, and provide accurate metrics and management reports.
Stay abreast of the latest developments in technology and cybersecurity to continuously improve risk management processes. Implement innovative solutions to enhance the organization's risk posture.
Champion the adoption of emerging technologies and industry best practices to enhance the firm's risk management capabilities and fuel continuous improvement initiatives.

Required Qualifications, Capabilities, and Skills::

Obtain 6+ years of training or experience in cybersecurity with a strong understanding of threat modeling and risk assessment.
Strong analytical skills and experience in data analysis and root cause analysis.
Familiarity with industry standards and best practices for cyber risk management.
Subject mater expertise in at least one of the following domains: Vulnerability Management, Data Protection & Cryptography, Security Operations, Security Config, secure SDLC, Identity and Access Management.
Deep understanding of cyber risk scenarios for on-prem, SaaS and cloud-based solutions.
Excellent command of cyber and operations risk management processes, principles, and architectural requirements.
Demonstrated ability to work collaboratively with cross-functional teams.
In-depth knowledge of current cybersecurity threats, trends, and best practices.
Ability to prioritize and work under stringent timelines and lead within a cross-line of business technology organization.
Keen understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity.

Preferred Qualifications, Capabilities, and Skills:

AI Prompt Engineering
Hands-on experience with security testing, simulations, or tabletop exercises
Knowledge of cloud security principles and securing modern architectures (e.g. containers, micro-services)
Relevant certifications in cybersecurity or risk management are a plus
Experience operating in environments governed under compliance, regulatory, or risk reduction controls

#CTC