Tech Risk & Controls Lead - Audit & Issue Management

Leveraging deep expertise in risk, controls, and audit, this role influences secure IT operations firmwide by: Providing guidance, best practices, and subject-matter support to lines of business Driving and overseeing appropriate corrective actions to reduce operational risk Ensuring alignment with regulatory expectations and internal control standards Collaborating across stakeholders to strengthen control design and operating effectiveness Duties/Responsibilities include but are not limited to: Work with all three JPMC Lines of Defense to ensure the accuracy of statements and identified risk Partner with other Tech Risk & Control personnel to ensure appropriate root cause analysis to confirm thorough understanding of findings/observations Ensure only qualified risks are entered into CORE and adhere to GRC quality requirements for Issues Provide auditability, risk, and sustainability advisement and approval for all identified Issues Ensure Issue Action Plans (APs) sufficiently and sustainably address the identified risk Review/approve all Issue and AP closure documentation Establish and maintain strong relationships with internal and external stakeholders , including key cross-functional team leads, to ensure compliance with Firm Issue Management Standards and Procedures Respectfully challenge viewpoints of all three Lines of Defense Review/approve all Issue and AP completion evidence This role requires a wide variety of strengths and capabilities, including: 5+ years of experience in technology audit, expertise in technology risk management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation In-depth experience in audit and risk management practices/functions CISA designation required, CRISC designation preferred Advanced knowledge of IT control frameworks Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection Experience working across large complex business and technical environments Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals