Job Description

Are you ready to make a real impact in digital banking? Join our innovative team at JPMorgan Chase as we launch Chase Germany and revolutionize mobile banking. You’ll be part of a diverse, collaborative environment where your ideas and expertise drive meaningful change. We offer unparalleled opportunities for career growth, skill development, and the chance to work with cutting-edge technology. Your contributions will help build the bank of the future and deliver exceptional experiences to millions of customers.

As a Technology Risk & Controls Lead in the Cybersecurity & Technology Controls team, you will analyze, consolidate, and support the production of reports on trends and metrics for a range of audiences, including management and external regulators. You will articulate cyber and technology risks, working closely with technical and non-technical control owners to drive actionable remediation. In this role, you will collaborate with stakeholders in a dynamic technical environment, helping to shape the future of digital banking in Germany. You will have the opportunity to grow your expertise and make a significant impact on our team and customers.

Job responsibilities

• Lead and mature cyber risk management activities across consumer banking products, providing thought leadership and guidance.
• Ensure technology risk is identified, quantified, communicated, and managed, including root cause analysis and recommendations.
• Develop, monitor, and report on cybersecurity KPIs and KRIs to enhance technology control effectiveness.
• Support and review technology controls against requirements, policy statements, and regulatory standards.
• Analyze and report on compliance at the LoB, firmwide, and regulatory levels.
• Build and maintain strong relationships with stakeholders, technology teams, and corporate functions.
• Facilitate oversight and business-as-usual risk activities.
• Deliver effective reporting on technology control performance.
• Collaborate with cross-functional teams to drive continuous improvement.

• Communicate complex technology and security risks to non-technical audiences.

  Required qualifications, capabilities, and skills

• Bachelor’s degree or equivalent combination of education and relevant experience.
• Relevant work experience in IT and cybersecurity controls.
• Experience with IT risk management operating models and three lines-of-defense frameworks.
• Advanced knowledge of information security domains, including risk and control assessments, access controls, regulatory compliance, technology resiliency, incident management, vulnerability management, third-party risk management, and data protection.
• Basic knowledge in Cloud security.
• Strong analytical skills and ability to deliver measurement and reporting for continuous improvement.
• Excellent communication skills and ability to collaborate with diverse teams.

• Self-motivated with a desire to learn and operate on multiple tasks while maintaining high delivery standards.

  Preferred qualifications, capabilities, and skills

• Certifications in CISA, CISM, CRISC, CISSP, CCSP, AWS, GCP, or similar.
• Expertise in banking regulations, EBA Guidelines on ICT and Security Risk Management, DORA, ISO27001, and NIST frameworks.

#CTC

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.