Executive Director, Technology Risk Assessment for Financial Reporting

Join our team and take a leading role in shaping the future of technology risk management at JPMorgan Chase. As the Executive Director of Technology Risk Assessment for Financial Reporting within our Cybersecurity and Technology Controls Team you will be at the forefront of safeguarding our financial reporting processes and strengthening the security and resilience of our technology operations.

In this role you will evaluate and assess the impact of control deficiencies operational concerns and exceptions on the integrity of the banks financial reporting. Your expertise will also extend to broader aspects of technology security and operational resilience. By leveraging your deep knowledge of risk management principles you will identify and monitor risks implement effective controls and provide critical guidance on complex risk scenarios.

Your leadership in risk identification control evaluation and security governance will be essential in advising senior stakeholders and enhancing the firms overall risk posture. Through collaboration and strong analytical skills you will help protect our customers employees and communities while ensuring compliance with regulatory requirements and industry standards.

Job Responsibilities

• Identify and evaluate potential control deficiencies using automated compliance testing metrics and ongoing monitoring tools.
• Assess the impact of identified issues on JPMorgan Chases internal controls over financial reporting.
• Continuously monitor technology risks to ensure adherence to firm standards regulatory requirements and industry best practices.
• Lead comprehensive risk assessment activities including annual quarterly and ongoing reviews walkthroughs and oversight of control documentation and testing.
• Collaborate with cross-functional teams to implement and strengthen effective technology controls.
• Review and analyze the effectiveness of existing controls identify gaps and recommend enhancements to reduce risk and improve the firms risk posture.
• Provide expert analysis and guidance on complex risk scenarios supporting the development and execution of risk mitigation strategies.
• Partner directly with external auditors to scope and execute IT components of SOX SOC1 and SOC2 programs.
• Drive continuous improvement initiatives for risk assessment and SOX/SOC programs enhancing efficiency governance and audit processes.

Required Qualifications Capabilities and Skills

• Minimum 10 years of experience in technology risk management information security or a closely related field with proven expertise in risk identification assessment and mitigation.
• Extensive background in evaluating and addressing technology risks and control deficiencies with a deep understanding of industry standards and best practices.
• Strong analytical skills with a track record of resolving complex risk issues developing and implementing effective mitigation strategies and communicating recommendations to senior leadership.
• In-depth knowledge of risk management frameworks regulatory requirements and compliance standards including Sarbanes-Oxley (SOX) SOC1 SOC2 COSO NIST COBIT and SEC guidance for internal controls over financial reporting.
• Demonstrated ability to leverage IT expertise to address compliance challenges and enhance control environments.

Preferred Qualifications Capabilities and Skills

• Professional certifications such as CISA CISM CRISC CISSP or other recognized credentials in risk management or information security.
• Hands-on experience with leading cloud platforms including Azure AWS and Google Cloud.
• Exceptional communication and presentation abilities with a proven track record of effectively engaging and influencing senior management and stakeholders across all organizational levels.
• Strong interpersonal skills with the ability to collaborate influence and build partnerships with cross-functional and geographically dispersed teams.