Technology & Cybersecurity Software Development Operational Risk Manager - Executive Director

JP Morgan

Location: Dorset

Job Type: Full time

Posted

The most difficult thing is the decision to act, the rest is merely tenacity.
- Amelia Earhart

The appropriate candidate has subject matter expertise in building and using system and software development tooling and toolchains. That expertise will be used to independently drive the risk agenda for technology development across the Global Technology environment and organization.

Your experience should include a good understanding of the software development lifecycle (SDLC) including secure coding practices, vulnerability management, use of open source software, software testing and release management are essential plus an understanding of the controls that an automated continuous integration and continuous deployment (CI/CD) pipeline supports.

You will perform independent risk assessments on specific technology either in use in the firm today or proposed. Identify areas of emerging technologies that introduce risk and may require risk assessment. Understand third party risks as applied to technology. Provides values and insight to the JPMC technology organization’s risk management practices.

Key Responsibilities Include:

  • Engage with technology teams to gain full understanding of the technology and control environment
  • Perform deep inspection of software development tools and processes
  • Independently assess technology risk management and controls across the bank
  • Understand third party risks as related to development toolchains
  • Risk assessment of the impact of changing software on the JPMC technology portfolio. As new technology is introduced and old technology is phased out, the risk position of the firm will have a changing residual risk position
  • Coordination and key participation in the development of the evolving risk position of new technology and development practices. For each of the technology areas in focus, the candidate will be charged with escalating and tracking the individual risk items
  • Work with appropriate technology leaders to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Participate in key portfolio governance forums
  • Perform independent assessment of operational risks through the operational risk monitoring program (e.g., significant event reviews, deep dive reviews, risk metrics, operational risk appetite, independent risk management assessments)
  • Participate and challenge technology control designers and operators
  • Participate in firm-wide global initiatives to analyze impact to the firm's
  • Partner and advise internal teams of thematic deficiencies in the firm’s strategic development toolchain.

Qualifications

  • Solid experience in infrastructure/application architecture
  • Strong experience in a senior technology role (engineering, operations, or strategic planning)
  • Relevant experience in software development using automated integration and delivery pipelines
  • Knowledge of software testing and test methodologies
  • Understanding of the software development lifecycle (SDLC) including secure coding practices, vulnerability management, use of open source software, software testing and release management
  • Ability to understand complex technical systems, the business processes they support and synthesize the corresponding risks and controls.
  • Preferably knowledge of second line risk management (operational risk and compliance) practices
  • Ability to seamlessly transition between business and technical discussion
  • Strong organizational and multi-tasking skills with demonstrated ability to manage expectations.
  • Excellent verbal and written communication skills, including the ability to present concise findings in a persuasive manner to a senior audience
  • Able to develop constructive relationships with functional partners
  • Deadline driven; delivering results with limited supervision

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

You’ve got this!