Apply Now    

Cyber Security Governance Risk & Compliance - Product Technology Controls Officer for Security Operations

Req #: 170089001
Location: London, ENG, UK
Job Category: Technology
Job Description:
GRC – Cybersecurity Product Technology Control Officer (602 - Associate)
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at

Global Cybersecurity ensures the security and resiliency of the Firm’s computing environment, enabling it to protect customer and employee confidential information, and comply with regulatory and audit requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high-quality security solutions and services that are focused on improving the Firm's risk posture.

Within Global Cybersecurity, the Governance, Risk & Control team seeks a Cybersecurity Product Technology Control Officer with comprehensive risk and control background, ability to assess design adequacy and operational effectiveness of controls, and demonstrated proficiency in supporting end-to-end Issue Management.  In addition, experience managing the creation and maintenance of Policies, Standards and Procedures is preferred.
Roles and Responsibilities:
  • Acting as an independent controls officer, provide comprehensive risk and control oversight across Cyber Products and supporting Capabilities
  • Assess the design adequacy and operational effectiveness of controls to mitigate cybersecurity risks and conformity to standards, regulatory and compliance requirements
  • Assist in the design of compensating controls where control deficiencies are noted and/or desired residual risk levels have not been achieved
  • Demonstrate proficiency in supporting end-to-end Issue Management throughout its full lifecycle including identification, creation, tracking and closure
  • Leveraging data analytics, conduct trend analysis to identify thematic issues, determine root causes, and design sustainable solutions to avoid issue recurrence
  • Manage the creation and maintenance of Policies, Standards and Procedures to keep them evergreen and ensure alignment with industry leading practices and regulatory requirements
  • Oversee Product resiliency and third-party supplier risk management activities
  • Facilitate SDLC pre-implementation control design reviews (‘secure from the start’) and pre-audit readiness exercises
  • Engage and partner with product teams and process owners to promote cross-functional relationships and foster collaborative approaches
  • Bachelors degree in computer science, information systems or related field along with 3-5 years of overall IT experience preferred
  • 3-5 years of business experience, ideally including experience in the Financial Services and Technology Risk or related fields
  • Outstanding verbal, interpersonal and written communication and presentation skills, including demonstrated ability to interact with both technical and non-technical stakeholders
  • Analytical aptitude; strong organizational and time management skills; ability to manage multiple and conflicting priorities in a global organization, and to adapt in a fast-paced environment
  • Ability to develop and maintain strong partnerships with key stakeholders, and to work across LOBs and regions, balancing the needs of multiple organizations
  • Strong PC skills including thorough knowledge of Microsoft Office Suite
  • Ability to both learn from colleagues and think outside the box
  • Knowledge of Cyber Operations including Threat Intelligence, Monitoring, Detection, Digital Forensics and Incident Response
  • Understanding of software develop practices and Agile development methodologies
  • Familiarity with industry-recognized frameworks (e.g., COBIT, FFIEC CAT, NIST CSF)
  • Relevant professional certification (e.g., CISSP, CISA, CRISC)
About J.P. Morgan’s Corporate & Investment Bank
J.P. Morgan’s Corporate & Investment Bank is a global leader across banking, markets and investor services. The world’s most important corporations, governments and institutions entrust us with their business in more than 100 countries. With $18 trillion of assets under custody and $393 billion in deposits, the Corporate & Investment Bank provides strategic advice, raises capital, manages risk and extends liquidity in markets around the world.  Further information about J.P. Morgan is available at
JPMorgan Chase & Co. offers an exceptional benefits program and a highly competitive compensation package. JPMorgan Chase & Co. is an Equal Opportunity Employer.
Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Other Information

Apply Using LinkedIn

You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.

Submit an Updated Résumé

During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.