J.P.Morgan 7, Kingston Court, 60 Gower St, Glasgow G41 5QD, UK
Business Overview & Role Description The Global Cybersecurity and Technology Controls (CTC) organization ensures the security and resiliency of the Firm's computing environment, enabling it to protect customer and employee confidential information, and comply with regulatory and audit requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high-quality security solutions and services that are focused on improving the Firm's risk posture. The Governance & Control (G&C) organization within CTC is seeking an accomplished and seasoned Technology Control Officer (TCO) to drive a robust risk and control environment for Data Management, Protection, and Privacy (DMP&P), ensuring technology solutions comply with Firmwide risk, controls and regulatory requirements. The TCO will have a comprehensive understanding of the overall DMP&P risk and control environment and instill appropriate governance to manage and proactively identify issues and changes in the risk profile of the underlying systems. Responsibilities include: Drive a risk mitigating culture within GDP&P aligned to proactively identify, assess, and manage inherent risks within technology and services. Strengthen the control environment through education, collaboration, and oversight. Drive effective risk mitigating controls designed, deployed, and monitored by the application owners, developers, and support teams. Develop an integrated technology control framework maintaining the appropriate balance between risk mitigation, product growth, and financial returns. Collaborate with Audit, Information Risk Management, business control functions, and the GDP&P teams to drive transparent, measurable, and sustainable control improvements. Partner closely with business and technology stakeholders providing clear direction and guidance to manage risks, driving control optimization, process efficiency, and improved client experience. Proactively work with technology and product managers to identify potential issues and ensure effective remediation throughout the full Issue Management lifecycle Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues. Active engagement in risk assessments and control substantiation. Collaborate with Product, Technology and Architecture teams on Internal Audits, SSAE16, SOX, Operational Risk and Regulatory assessments. Support Risk & Control Self-Assessment (RCSA) process ensuring issues and related action plans are timely documented, assigned, and resolved. Ensure timely escalation of material issues to senior management. Create and maintain GDP&P related Policies, Standards and Procedures to keep them evergreen and ensure alignment with industry leading practices and regulatory requirements Engage and partner with Product, Technology, Architecture and G&C teams to promote cross-functional relationships and foster collaborative approaches Qualifications : Technology experience with knowledge of Data Protection space, including data classification, encryption, discovery, loss prevention and various privacy related regulatory needs Strong technology security, risk, and audit experience. Strong written and verbal communication skills. Strong ability to articulate ideas and results in a meaningful and actionable manner Flexible, adaptable to shifting priorities; eagerness to work in a fast-paced, results driven, highly dynamic environment Experience working with geographically dispersed and culturally diverse teams. Proficient with multiple technologies and architectural design principles. Proven ability to build strong partnerships with colleagues, desire to learn quickly, be flexible and think strategically Demonstrated analytical and problem solving skills. Experience in business process analysis, documenting gaps and process standardizations. Experience identifying strategic improvements and delivering measurable change. Strong organizational skills with ability to effectively multitask. Strong interpersonal skills, exceptional relationship building and influencing skills and ability to effectively partner with all levels of management across numerous teams to help drive the control agenda Bachelor's degree, specialized training, or equivalent work experience. Familiarity with industry-recognized frameworks (e.g., COBIT, FFIEC CAT, NIST CSF) Certifications such as CISSP, CISM, CRISC, CISA are preferred. Your expertise in Cyber, combined with your desire to provide innovative security services, willbe an asset to our Cybersecurity team. Help deliver high-quality securitysolutions across all our lines of business around the world by creating,designing, implementing, and maintaining next-level technology. The work you ' ll do is vital, as it will protect over $18trillion of assets under custody and $393 billion in deposits every day. When you work atJPMorgan Chase & Co., you ' re not just workingat a global financial institution. You ' re an integral partof one of the world ' s biggest techcompanies. In 14 technology hubs worldwide, our team of 40,000+ technologistsdesign, build and deploy everything from enterprise technology initiatives tobig data and mobile solutions, as well as innovations in electronic payments, cybersecurity,machine learning, and cloud development. Our $9.5B+ annual investment intechnology enables us to hire people to create innovative solutions that willnot only transform the financial services industry, but also change the world. At JPMorgan Chase& Co. we value the unique skills of every employee, and we ' re building a technology organization that thriveson diversity. We encourage professional growth and career development, andoffer competitive benefits and compensation. If you ' re looking to build your career as part of a globaltechnology team tackling big challenges that impact the lives of people andcompanies all around the world, we want to meet you. JPMorgan Chase &Co. is an equal opportunity employer.