Compliance - Identity and Access Management Technology, Operational Risk - Executive Director

Bring your expertise to JPMorgan Chase.

As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient.

You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities.

Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As an Identity and Access Management (IAM) Technology Operational Risk Management Executive Director within the Compliance Conduct and Operational Risk Technology & Cybersecurity (CCOR Tech & Cyber) group, you will focus on providing independent oversight of IAM-related operational risk management practices across Lines of Business (LOBs), Regions, and Corporate Functions (CFs).

Your role will involve ensuring compliance with technology and cybersecurity laws, rules, and regulations specifically related to identity and access management.

You will be responsible for reviewing and assessing the governance of IAM processes and controls, identifying risks inherent in JPMorgan Chase's technology environment, and ensuring that access to systems and data is appropriately managed and secured.

This includes evaluating the effectiveness of IAM frameworks, policies, and procedures, and ensuring that they align with industry best practices and regulatory requirements.

Job responsibilities


* Conduct in-depth inspections of IAM technologies within processes or firm-wide for compliance and effectiveness.


* Stay informed on IAM enforcement actions, regulatory changes, and emerging solutions for compliance.


* Respond to regulatory inquiries on IAM, providing documentation and insights to demonstrate compliance.


* Engage with cybersecurity teams to align IAM practices with the control environment.


* Review significant events where IAM is a factor to derive lessons learned and improve processes.


* Assess IAM-related technology risks and coordinate with application risk assessments.


* Evaluate IAM security risks in third-party relationships, focusing on technology expertise.


* Develop risk positions for new technologies, escalating and tracking risk items as necessary.


* Identify global risk concentrations, assess risks, and recommend control adjustments.


* Analyze Operational Risk losses and events to inform RCSA results and technology assessments.


* Participate in IAM governance forums to provide insights and drive strategic risk management initiatives.

Required qualifications, capabilities and skills


* BS or BA degree in computer science or possess equivalent experience.


* 10+ years in IAM cybersecurity or engineering roles.


* Deep understanding of IAM, PAM, and RBAC.


* Familiarity with MFA, SSO, and zero trust architecture


* Knowledge of cloud security and hybrid IAM implement...