Bring your expertise to JPMorgan Chase.  As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As an Identity and Access Management (IAM) Technology Operational Risk Management Vice President within the CCOR (Compliance Conduct and Operational Risk) Technology & Cybersecurity group, you will assist in providing oversight of IAM-related operational risk management practices across Lines of Business, Regions, and Corporate Functions. Your role will involve supporting compliance with technology and cybersecurity laws, rules, and regulations related to identity and access management. You will assist in reviewing IAM processes and controls, identifying risks in JPMorgan Chase's technology environment, and ensuring that access to systems and data is managed and secured. This includes supporting the evaluation of IAM frameworks, policies, and procedures to ensure alignment with industry best practices and regulatory requirements.

Job Responsibilities

Assist in inspections of IAM technologies within processes or firm-wide for compliance and effectiveness.Stay informed on IAM regulatory changes and emerging solutions for compliance.Support responses to regulatory inquiries on IAM, providing documentation and insights.Collaborate with cybersecurity teams to align IAM practices with the control environment.Review significant events where IAM is a factor to derive lessons learned and improve processes.Assist in assessing IAM-related technology risks and coordinate with application risk assessments.Evaluate IAM security risks in third-party relationships, focusing on technology expertise.Support the development of risk positions for new technologies, escalating and tracking risk items as necessary.Identify global risk concentrations, assess risks, and recommend control adjustments.Analyze Operational Risk losses and events to inform RCSA results and technology assessments.Participate in IAM governance forums to provide insights and support strategic risk management initiatives.

Required qualifications, capabilities, and skills

BS/BA degree in computer science or equivalent experience.6+ years in IAM cybersecurity or engineering roles.Understanding of IAM, PAM, and RBAC.Experience with IAM tools like SailPoint, Okta, CyberArk, Microsoft Entra ID, and Ping Identity.Experience managing and securing Microsoft Active Directory and Azure AD (Entra ID).

Preferred qualifications, capabilities, and skills

Understanding of authentication techniques such as SSO and zero trust architecture.Knowledge of cloud security and hybrid IAM implementations.Ability to assess IAM controls and identify IAM vulnerabilities.Familiarity with GPO, Kerberos authentication, NTLM, and LDAP.Experience with privileged access management solutions (PAM).Familiarity with Active Directory Federation Services (ADFS) and federation identity management (such as SAML).Understanding of AD-related security threats and familiarity with Microsoft Defender for Identity and Azure AD Identity Protection.