The Cybersecurity & Technology Controls group at JPMorganChase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.

 

As a Technology Risk & Controls (TRC) Associate within the Cybersecurity and Technology Controls organisation, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firm’s standards. You will collaborate with a broad range of stakeholders, leveraging your knowledge of risk management principles and practices to assess and monitor risks and implement effective controls. Your contributions will strengthen the firm’s risk posture, enhance operational resilience, and support regulatory compliance.

 Job responsibilities

Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practicesSupport implementation and evaluation of effective controls, identifying gaps and recommending improvementsDemonstrate good analytical and problem-solving skills, with the ability to break down complex processes, analyze potential risks and present solutions to key stakeholdersCommunicate findings and contribute to recommendations for improvements, ensuring alignment with organisational objectives and risk appetiteConduct thorough root cause analysis and provide actionable insights to ensure issues are fully resolved and controls are sustainableCollaborate with business technologists, risk, and audit teams to manage risk and drive cross-functional solutionsProvide risk reporting and governance insights to senior management to inform decision-makingPromote a culture of risk awareness and adherence to best practices across the organisation

Required Qualifications, Capabilities, and Skills

Experience in technology risk management, information security, or a related field, with emphasis on risk identification, assessment, mitigation, and control evaluationProficient knowledge of risk management frameworks, regulations, and industry standardsKnowledge of security controls, and vulnerability management in public cloud environmentsExcellent interpersonal and communication skills, including the ability to influence and engage stakeholders across levelsStrong prioritisation and multitasking skills, with the ability to work independently and drive change in a dynamic environmentSelf-motivated with the ability to multi-task, prioritize and thrive in a fast-paced and evolving environment