Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm's robust risk strategy.

As a Tech Risk & Controls Senior Associate in Enterprise Technology Information & Access Management, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firm's standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm's risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards.

Job responsibilities

• Understand and respond to Requests for Information (RFI's) for Identity Access Management audits and regulatory exams, performing final review of submitted evidence.
• Assist in coordinating teams, collection and review of current documentation, and be able to act as an SME in regard to related high level design documents relating to the controls executed by individual IAM teams for delivery to Internal and External audit teams.
• Work across multiple stakeholder groups at various levels and efficiently document / track RFI engagement and actions.
• Partner with the Identity and Access Management global teams to understand SOC1 & SOX changes and their impacts to the control environment.
• Maintain ownership and up to date reporting of the audit/regulatory deliverables in scope.
• Identify and assist with implementing process improvement points throughout the Audit/Control teams RFI lifecycle - intake, workflow, reporting and tracking.
• Understand and proof documentation regarding complex business processes.
• Understand and evaluate product level CORE Processes, associated Risks and their compensating Controls.
• Create new or edit a wide variety of user process documents including operation process flows, Power Point training decks, and quick reference aides relating to functions within the Audit/Control Team specifically.

Required qualifications, capabilities, and skills

• 3+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation
• Strong understanding of IT risk management frameworks and information security controls
• Proficient in Identity Access Management controls, principles, and regulatory obligations
• Experience in infrastructure projects, operations systems, and data analytics
• Skilled in generating executive-level reports and presentations; comfortable presenting to auditors and senior leadership
• Excellent multitasking and prioritizing skills, capable of managing multiple complex projects simultaneously
• Strong oral and written communication skills, able to present audit information and findings effectively
• Detail-oriented and organized, with the ability to produce quality documentation under tight deadlines
• Motivated self-starter with a strong sense of urgency and genuine interest in continuous learning and growth
• Strong proficiency in MS Office Suite, including Excel, Word, Project, PowerPoint, Access, and Visio
• Ability to work independently with minimal supervision and effectively in a team-oriented environment

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or other industry-recognized risk certifications
• Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice/standards (e.g., ITIL, NIST, ISO, PCI, SOC)
• Collaboration with internal and external technology audits (3 rd Line of Defense), Operational Risk Management deep dives and testing (2 nd Line of Defense), and the ability to advocate on behalf of subject matter experts

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans