Technology Risk and Control Lead

Be an integral part of an agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products. As a Tech Risk and Controls Lead at JPMorgan Chase in Corporate - FS Production Services, you will play a pivotal role in executing the firm's technology risk management strategy. you will be responsible for identifying, and mitigating risks in line with the firm's standards. In this role you will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. You will collaborate with various stakeholders, including Application Owners, Product Owners and Control Managers. In addition, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. With your knowledge of risk management principles, practices, and theories you will drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. Job Responsibilities Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations. Lead and participate on technology audit engagements, from planning to reporting, and produce quality deliverables to both department and professional standards, while ensuring audits are completed timely and within budget. Finalize audit findings and use judgment to provide an overall opinion on the control environment by developing recommendations to strengthen internal controls. Uses enterprise-authorized AI capabilities within the work environment to accelerate synthesis of risk/control evidence and draft executive-ready reporting, validating outputs and handling data according to sensitivity and security requirements Engaging and supporting stakeholders across Global Technology, 2nd and 3rd lines of defense and our regulators. Develop and maintain periodic analytics to provide management with full insight into emerging trends and key risks. Communicate audit findings to management, and identify opportunities for improvement in the design and effectiveness of key controls. Promotes reuse-first, AI-assisted approaches to streamline recurring control testing and issue/action-plan management routines, ensuring human review and alignment to auditability and regulatory expectations. Develop and maintain robust relationships, becoming a trusted partner with technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Required qualifications, capabilities, and skills 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and technology regulatory requirements. Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting, controls evaluation, design, execution and governance, with a proven record of implementing effective risk mitigation strategies. Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support technology risk and controls workflows with strong validation habits and awareness of data sensitivity. Ability to review and validate AI-assisted risk summaries and recommendations before use, escalating when uncertain and ensuring outcomes align to security, auditability, and regulatory expectations. Demonstrated ability to influence management-level strategic decision-making and translating technology insights into business strategies for senior executive. Preferred qualifications, capabilities, and skills CISM, CISA, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred. Experience with Microsoft suite (PowerPoint, Excel, Word). Experience with Atlassian (JIRA, Confluence). Experience an ex auditor within technology monitoring. Cybersecurity lead within remediation. Technology engineer who is risk focused and heavier on infrastructure/configuration domain.