Technology Risk and Controls Lead (Cybersecurity Governance)

Are you ready to make a real impact in digital banking Join our innovative team at JPMorgan Chase as we launch Chase Germany and revolutionize mobile banking. Youll be part of a diverse collaborative environment where your ideas and expertise drive meaningful change. We offer unparalleled opportunities for career growth skill development and the chance to work with cutting-edge technology. Your contributions will help build the bank of the future and deliver exceptional experiences to millions of customers.

As a Technology Risk & Controls Lead in the Cybersecurity & Technology Controls team you will analyze consolidate and support the production of reports on trends and metrics for a range of audiences including management and external regulators. You will articulate cyber and technology risks working closely with technical and non-technical control owners to drive actionable this role you will collaborate with stakeholders in a dynamic technical environment helping to shape the future of digital banking in Germany. You will have the opportunity to grow your expertise and make a significant impact on our team and customers.

Job responsibilities

• Lead and mature cyber risk management activities across consumer banking products providing thought leadership and guidance.
• Ensure technology risk is identified quantified communicated and managed including root cause analysis and recommendations.
• Develop monitor and report on cybersecurity KPIs and KRIs to enhance technology control effectiveness.
• Support and review technology controls against requirements policy statements and regulatory standards.
• Analyze and report on compliance at the LoB firmwide and regulatory levels.
• Build and maintain strong relationships with stakeholders technology teams and corporate functions.
• Facilitate oversight and business-as-usual risk activities.
• Deliver effective reporting on technology control performance.
• Collaborate with cross-functional teams to drive continuous improvement.
• Communicate complex technology and security risks to non-technical audiences.
• Mentor and support junior staff in risk management best practices.

Required qualifications capabilities and skills

• Bachelors degree or equivalent combination of education and relevant experience.
• 8 years of relevant work experience in IT and cybersecurity controls.
• Expertise in banking regulations EBA Guidelines on ICT and Security Risk Management DORA ISO27001 GDPR and NIST frameworks.
• Experience with IT risk management operating models and three lines-of-defense frameworks.
• Proficiency in Cloud technologies and modern engineering practices including containerization chaos engineering and CI/CD security.
• Advanced knowledge of information security domains including risk and control assessments access controls regulatory compliance technology resiliency incident management vulnerability management third-party risk management and data protection.
• Strong analytical skills and ability to deliver measurement and reporting for continuous improvement.
• Excellent communication skills and ability to collaborate with diverse teams.
• Technical understanding of Cloud and on-prem computing (Public GCP & AWS Private Hybrid).
• Self-motivated with a desire to learn and operate on multiple tasks while maintaining high delivery standards.

Preferred qualifications capabilities and skills

• Certifications in CISA CISM CRISC CISSP CCSP AWS GCP or similar.
• Experience with German regulatory requirements in consumer banking cybersecurity.
• Experience operating within a regulated industry.

#CTC