Technology Risk and Control Lead

JPMorgan Chase JPMorgan Chase · Banking · Columbus, OH +1 · Corporate Sector

This role focuses on managing technology risk and controls within an enterprise environment, leveraging existing AI capabilities to enhance risk assessment and reporting processes. The lead will identify, mitigate, and report on technology risks, ensuring compliance with regulatory and industry standards, and collaborating with various stakeholders. While the role utilizes AI tools, it does not involve building or developing AI models.

What you'd actually do

  1. Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations.
  2. Lead and participate on technology audit engagements, from planning to reporting, and produce quality deliverables to both department and professional standards, while ensuring audits are completed timely and within budget.
  3. Finalize audit findings and use judgment to provide an overall opinion on the control environment by developing recommendations to strengthen internal controls.
  4. Uses enterprise-authorized AI capabilities within the work environment to accelerate synthesis of risk/control evidence and draft executive-ready reporting, validating outputs and handling data according to sensitivity and security requirements
  5. Engaging and supporting stakeholders across Global Technology, 2nd and 3rd lines of defense and our regulators.

Skills

Required

  • 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation.
  • Familiarity with risk management frameworks, industry standards, and technology regulatory requirements.
  • Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting, controls evaluation, design, execution and governance, with a proven record of implementing effective risk mitigation strategies.
  • Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support technology risk and controls workflows with strong validation habits and awareness of data sensitivity.
  • Ability to review and validate AI-assisted risk summaries and recommendations before use, escalating when uncertain and ensuring outcomes align to security, auditability, and regulatory expectations.
  • Demonstrated ability to influence management-level strategic decision-making and translating technology insights into business strategies for senior executive.

Nice to have

  • CISM, CISA, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred.
  • Experience with Microsoft suite (PowerPoint, Excel, Word).
  • Experience with Atlassian (JIRA, Confluence).
  • Experience an ex auditor within technology monitoring.
  • Cybersecurity lead within remediation.
  • Technology engineer who is risk focused and heavier on infrastructure/configuration domain.

What the JD emphasized

  • technology risk management
  • risk identification
  • risk assessment
  • risk mitigation
  • regulatory requirements
  • control effectiveness
  • regulatory compliance