Tech Risk Assurance Director - Technology Resiliency Global Risk

Join us in a pivotal role where your expertise in cybersecurity and risk management shapes our global tech resilience.

As a Tech Risk Assurance Director in the Cyber and Tech Controls line of business, you will provide confidence to the firm's leaders by ensuring products and Lines of Businesses achieve their objectives while effectively measuring and managing risk.

Developing and implementing revised or new policies and processes will be a central responsibility, with a focus on anticipating and prioritizing unknown thematic technical risk 'hotspots'.

Collaborating with cross-product and functional teams, you will analyze high-priority risks, evaluate gaps in related standards and controls, and create outputs that propel remediation plans, controls and standards development, and strategy.

Your expertise in risk management, data security, and security governance will be crucial in navigating the dynamic landscape of evolving cyber threats, technology advancements, and global regulations.

The primary responsibilities are to support the cybersecurity domain construct for Cybersecurity Assurance and focus on governance and compliance of regulatory and control obligations for the Cybersecurity of the firm, including such disciplines as SIEM, DLP, Digital Forensics, Network Telemetry and File Analysis, Cyber Intel, Vulnerability Management, Attack Simulation, Security Configuration, and Endpoint Detection and Response and Technology Resiliency.

You will play an important role in securely enabling the firm through managing the risk profile and aligning cybersecurity and technology controls requirements and product capabilities.

The Cybersecurity Assurance Technology Risk Pillar Lead is responsible for building and leading a team responsible for coordinating the control framework, program, and approach for the JPMC security architecture, policies, standards, risk assessments, monitoring, and certification around technology resiliency.

This role engages in areas of development, design, and monitoring of corporate and global control programs, and acts as a liaison between management, the Lines of Business, internal and external audit, and regulators.

The key focus of this role will be to build and lead a team of professional cybersecurity experts in the areas of Technology Resiliency with an understanding of other cybersecurity and technology disciplines that have impacts to the resiliency of applications and critical services.

Job responsibilities


* Understand and have experience supporting regulatory engagements aligned to the FFIEC handbook and have in depth knowledge of industry best practice and control guidance provided by NIST, CIS, DISA and others


* Investigate, analyze, document, remediate, track, and report technology risks and associated controls; Design and development of control requirements based on new and emerging technological solutions in a measurable way, ensuring that existing and new solutions are designed to be contin...