JPMorgan Chase Technology Risk and Control Manager in Jersey City, New Jersey

Business Overview:

J.P. Morgan is a global leader in asset management services. As the Asset & Wealth Management line of business in JPMorgan Chase & Co., we are one of the largest asset and wealth managers in the world serving four distinct client groups through three businesses: institutional and retail clients through Investment Management, ultra-high net worth clients through the Private Bank, and high net worth clients through Chase Wealth Management.

J.P. Morgan Asset & Wealth Management (AWM) is a leading asset manager of choice for institutions, financial intermediaries and individual investors, worldwide. With a heritage of more than two centuries, a broad range of core and alternative strategies, and investment professionals operating in every major world market, we offer investment experience and insight that few other firms can match. With clear focus on managing client assets and delivering strong risk-adjusted returns, with investment professionals providing a broad range of strategies spanning the full spectrum of asset classes, including equity, fixed income, cash liquidity, currency, real estate, hedge funds and private equity and take leadership positions in America, U.K., Continental Europe, Asia, and Japan.

Job Description:

Our AWM Technology Risk and Control Managers are technology risk specialists who support the design, execution, and oversight of our internal control programs. This includes coordination of defined programs, creation of new initiatives, communication of expectations and requirements, and reporting to key stakeholders to ensure a no surprises environment. The role requires regular interaction with various stakeholders including Technology Risk & Controls Management, Technology Management, other key risk and control teams (Operational Risk, Cyber, etc.), Internal Audit, and others to help drive global consistency in our approach, execution, and reporting across the global technology and technology risk functions.

Specifically this role will support Identity and Access Management (IAM) control design and implementation for our AWM businesses globally. This role will function as a technology and business integrator, working with our businesses, GIAM, other lines of business, and technology and risk and controls teams to transform our systems and authentication solutions, providing strong knowledge of good business practices, combined with a sound understanding of technical issues and controls design.


•Manage and monitor the risk posture related to Access Management for AWM, providing management with transparency over what these risks are and how they can be addressed.

•Support the execution of relevant Risk and Control activities for Access Management (e.g., assessments, control testing, monitoring, reporting, and targeted remediation activities).

•Play a leadership role in shaping and driving the Access Management agenda, which will encompass privileged access, roles-based entitlement strategy, security administration processes, and similar.

•Develop and maintain strong business and technology relationships to become a trusted partner, as well as building relationships with Corporate functions such as Audit, Corporate IT Risk and Global Technology Infrastructure for end-to-end risk and control management.

•Participate in or lead programs to improve or remediate the control environment across AWM, notably within the Access Management / Authentication / entitlements arena.

•Support the establishment of a culture focused on the pro-active awareness and improvement of the control environment.


Critical Skills:

•Hands-on experience with assessing, developing, and contributing to projects involving Access Management solutions, including user provisioning, access control, authentication, and authorization.

•Knowledge of security technologies, including Active Directory, Public Key Infrastructure (PKI), Pluggable Authentication Modules (PAM), digital signatures, encryption, and multi-factor authentication.

•Knowledge of multiple access control models, including role-based access control (RBAC) and attribute-based access control (ABAC).

•Knowledge of underlying solution protocols, including SSL/TLS, HTTP, SAML, Kerberos, and S/MIME.

•Strong demonstrated knowledge of technology, and specifically application risk and controls management gained as a practitioner.

•Experience in financial regulatory, internal and external engagements on technology controls.

•Strong project management skills, with proven ability to deliver quality results in a deadline-driven environment.

•Must be a detail oriented, quality-focused leader with a strong sense of ownership, commitment to quality and attention to detail.

•Ability to work effectively in a global team environment and operate in a matrixed organization.

•Change agent, is a consensus builder and thought leader that can drive for improvement and efficiency, thinks out of the box and is creative.

•Intellectual rigor and curiosity, emotional intelligence, high energy and a passion for the delivery of high quality outcomes.

•Stakeholder engagement skills, including ability to influence senior management.


•10+ years experience in technology or operational risk management, preferably for financial institution and/or strong background in Risk Advisory.

•Demonstrated capability of implementing data and/or access management programs.

•Track record of implementing successful risk or technology management solutions.

•Track record of developing and maintaining senior-level stakeholder relationships.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.