Cybersecurity Tech Risk Engagement - Associate

Join our team to navigate the complexities of technology risk and cybersecurity, ensuring our firm leads with innovation and compliance.

As a Tech Risk Engagement Associate in Cybersecurity Technology & Controls, you will contribute to a team that supports the complex regulatory landscape within the firm's risk appetite. Collaborate with internal teams and external authorities to do research on technology evolvement and cyber-related developments. Your experience in data security, risk management, and security governance will enable you to make informed decisions and contribute to the continuous improvement of the firm's risk management practices. Help position JPMorgan Chase as a leader in technology risk management by engaging with stakeholders and clients and ensuring compliance with regulatory requirements.

Job responsibilities

• Research industry best practices and emerging trends to inform the development of technology risk management strategies
• Prepare weekly reporting on regulatory exams and regulatory engagements for distribution to senior management.  
• Provide support to the team in providing strategic advice and regular updates to Global Technology management regarding the matters being handled, including, but not limited to, the timely escalation and resolution of potential issues.
• Communicate extensively (orally and in writing) and develop effective relationships with regulators.
• Work with the relevant personnel in Global Technology and Lines of Business / Corporate Functions to obtain information/documentation to respond to regulatory requests.
• Participate in risk assessments, monitor control effectiveness, and provide timely reporting on technology risk exposure to stakeholders and management

Required qualifications, capabilities, and skills

• Obtain 2+ years of experience or equivalent expertise in technology risk management, cybersecurity, or a related field
• Developing knowledge in data security, risk management, security governance, and analytical thinking
• Exposure to relevant regulatory frameworks and industry guidelines, such as NIST, ISO, CRI Profile, and regional or jurisdictional regulatory frameworks such as FFIEC, and GDPR
• Emerging knowledge of Risk Management Principles