Tech Risk and Controls Lead - Risk Assessment Strategy & Transformation Lead

Plano, TX, United States

Apply now Apply later

Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management. 

As a Tech Risk & Controls Lead in Cybersecurity and Technology Controls, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

We are seeking a strategic and transformational leader to join our Regulatory and Industry Risk Assessment team. This role will drive business strategy, organization transformation, and oversee program execution to ensure compliance with regulatory and industry standards such as SOX, PCI, SOC, and others. The successful candidate will lead strategic initiatives that enhance efficiency, scalability, and effectiveness across risk management practices, regulatory assessments, and control functions.

 Job responsibilities

  • Provide Strategic Leadership and Risk Management by working with the Head of Regulatory and Industry Risk Assessment and leadership team to develop and implement business strategies aligned with regulatory and industry compliance frameworks (GLBA, SOX, PCI, SOC, FSP). Lead cross-functional teams to define key business objectives and prioritize initiatives for the risk assessment function. Design and execute transformation roadmaps, with a focus on increasing the maturity of all current and future risk assessment processes and procedures. 
  • Drive Organizational Transformation and Change Management by leading change management efforts, including the redesign of processes, technology, and organizational structure to improve delivery and reduce complexity. Partner with senior stakeholders to assess current state operations, identify gaps, and recommend solutions to optimize regulatory risk assessments. Drive the culture of innovation and operational excellence in alignment with the organization’s broader risk strategy and transformation goals. 
  • Deliver Program Management by overseeing the execution of regulatory and industry risk assessments, ensuring delivery within scope, on time, and in compliance with internal and external audit standards. Manage programs that support the firm’s global technology compliance, including managing teams to deliver audit-ready reports for regulators and industry bodies. Lead process standardization and automation initiatives to enhance reporting, reduce manual processes, and ensure sustainable compliance operations. Champion continuous improvement by leading process standardization and automation initiatives, incorporating best practices and emerging technologies. 
  • Engage Stakeholders by fostering relationships with key participants across the organization, including technology, finance, and risk teams. Act as a trusted advisor to senior leadership on matters related to risk assessments, compliance, and business strategy. Collaborate with internal audit teams, external auditors, and regulatory bodies to ensure alignment with compliance expectations and timely delivery of audit requirements. 
  • Be a Leader & Develop the team by ensuring they are informed of changing regulations, industry trends, and best practices in risk assessment and control. Build and manage a high-performing team, focused on delivering strategic regulatory and risk programs. Mentor and coach colleagues and team members, fostering professional development and creating a culture of collaboration and continuous improvement. 

Required qualifications, capabilities, and skills

  • 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
  • Experience in business strategy, organizational transformation, risk management, or regulatory compliance within a financial institution or regulated industry.
  • Strong understanding of regulatory frameworks such as GLBA, SOX, PCI DSS, SOC1/2, and other financial industry regulatory requirements
  • Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
  • Experience with governance, risk, and compliance (GRC) tools, automation solutions, and data-driven decision-making.
  • Demonstrated success in managing large-scale programs, with a focus on strategic alignment, process improvement, and operational excellence. 
  • Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives

Preferred qualifications, capabilities, and skills

  • CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are prefer
  • PMP or similar industry-recognized certification

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0

Tags: Automation Banking CISM CISSP Compliance CRISC Finance GLBA Governance PCI DSS Risk assessment Risk management SOC SOC 1 SOX Strategy

Perks/benefits: Career development Competitive pay Health care Wellness

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.