IAM Tech Risk and Controls Lead
Columbus, OH, United States
JPMorgan Chase & Co.
Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management.
As a Tech Risk & Controls Manager in Corporate Technology Identity & Access Management team, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll be at the forefront at keeping us compliant with cybersecurity requirements while enabling the implementation of the Firm's strategic vision. Key responsibilities include managing Roles Based Access (RBAC) for the Corporate Functions, in addition to ensuring strategic solutions are implemented to manage risk within tolerance. This role will be responsible for building relationships and communicating with internal teams while driving compliance. We are looking for an individual with strong analytic and collaborative skills who has the ability to manage multiple levels of responsibility and is comfortable leading a small team.
Job responsibilities
- Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
- Become the subject matter expert for Role-Based Access (RBAC) for Corporate business functions, driving strategy and adoption
- Analyze access configuration and entitlement data to prepare reports for internal customers, often in collaboration with development teams for reporting automation
- Be the primary contact for Role Based Access to interact with stakeholders in the Risk Management & Compliance organization, and be able to clearly communicate status updates and road-showing the product
- Represent the needs of Corporate Technology and the Corporate Functions as a customer to the relevant Product teams
- Interact with Technology Leadership, Line of Business (LOB) experts, and Application Development teams on an on-going basis for business as usual remediation activities, Audit and other risk-related activities, reporting and project initiatives
- Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
- Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
- Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
Required qualifications, capabilities, and skills
- 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
- Experience in Identity and Access Management and/or Technology Risk Management
- Self-motivated and confident with the ability to demonstrate leadership, challenging and influencing change
- Excellent verbal and written skills are critical since this job primarily entails abstracting and communicating technical information to non-technical audiences and their leadership
- Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
- Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
- Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred
- Strong understanding of platform, database and domain access
- Knowledge of data transformation/automation tools (Alteryx, Xceptor, etc.)
- Experience with SailPoint Products
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Banking CISM CISSP Compliance CRISC Governance IAM Risk assessment Risk management SailPoint Strategy
Perks/benefits: Competitive pay Health care Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Ethical hacker / Pentester H/F jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information System Security Officer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open C-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs