Tech Risk and Controls Lead - Cloud Services

Location: Jersey City, NJ, United States

Job Family: Technology Risk & Services

About the Role

At JP Morgan Chase, we are at the forefront of reimagining the future of banking through innovative technology solutions. As a Tech Risk and Controls Lead - Cloud Services in our Technology Risk & Services category, you will play a pivotal role in safeguarding our cloud infrastructure against evolving threats while ensuring seamless compliance and operational resilience. Based in Jersey City, NJ, this position demands a strategic leader who thrives in a fast-paced financial services environment, where managing tech risks directly impacts our ability to deliver secure, reliable services to millions of clients worldwide. You will report to the Head of Cloud Risk Management and collaborate with global teams to embed risk-aware practices into every aspect of our cloud operations. Your core responsibilities will include leading comprehensive risk assessments for cloud platforms like AWS and Azure, developing control mechanisms to mitigate vulnerabilities, and ensuring adherence to stringent regulations such as SOX and FFIEC. In this role, you will partner with cross-functional stakeholders—including developers, security experts, and business leaders—to integrate risk controls into cloud migration projects and ongoing operations. By proactively identifying potential issues in our dynamic risk landscape, you will help maintain JP Morgan Chase's reputation as a trusted financial powerhouse, preventing disruptions that could affect trading, payments, and customer data integrity. We seek a seasoned professional with deep expertise in cloud technologies and financial risk management, capable of translating complex technical risks into actionable insights for executive audiences. This is an opportunity to influence enterprise-wide strategies at one of the world's largest banks, contributing to initiatives that leverage cloud services for competitive advantage while upholding the highest standards of governance. Join us to drive innovation responsibly and advance your career in a supportive, high-impact environment.

Key Responsibilities

• Lead the identification, assessment, and mitigation of technology risks associated with cloud services across JP Morgan Chase's platforms
• Develop and maintain robust control frameworks to ensure compliance with internal policies and external regulations in the financial sector
• Collaborate with engineering, security, and business teams to integrate risk management into cloud adoption and migration strategies
• Conduct regular risk assessments and control testing for cloud environments, reporting findings to senior leadership
• Drive the implementation of remediation plans for identified vulnerabilities in cloud infrastructure
• Monitor emerging risks in cloud technologies and advise on best practices for operational integrity
• Facilitate training and awareness programs on tech risk and controls for cloud services teams
• Partner with audit and compliance functions to support regulatory examinations and internal audits
• Contribute to the evolution of JP Morgan's cloud risk governance model in response to industry changes
• Analyze incident reports related to cloud services and recommend enhancements to prevent recurrence

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related field
• Minimum of 7-10 years of experience in technology risk management, controls, or compliance within the financial services industry
• Proven expertise in cloud computing platforms such as AWS, Azure, or Google Cloud, with a focus on risk and security controls
• Strong understanding of regulatory frameworks including GDPR, SOX, and FFIEC guidelines applicable to financial institutions
• Experience leading cross-functional teams in identifying and mitigating technology risks in a high-stakes environment
• Certification in risk management such as CRISC, CISA, or CISSP
• Demonstrated ability to manage complex projects involving tech risk assessments and control implementations

Preferred Qualifications

• Advanced degree (Master's or MBA) in a relevant discipline
• Experience working at a major financial institution like JP Morgan Chase or similar
• Knowledge of cloud-native security tools and DevSecOps practices
• Prior involvement in audit processes for cloud services in banking
• Familiarity with JP Morgan's internal risk management frameworks and tools

Required Skills

• Cloud platform expertise (AWS, Azure, GCP)
• Risk assessment and mitigation techniques
• Regulatory compliance knowledge (SOX, GDPR, PCI-DSS)
• Control framework design and implementation
• Project management and agile methodologies
• Data analysis and reporting tools (e.g., Tableau, Excel)
• Cybersecurity principles and threat modeling
• Stakeholder communication and presentation skills
• Problem-solving and critical thinking
• Leadership and team collaboration
• DevOps and CI/CD pipeline understanding
• Incident response and root cause analysis
• Financial services domain knowledge
• Technical writing for policies and procedures
• Adaptability to dynamic risk landscapes

Benefits

• Competitive base salary and performance-based annual bonuses
• Comprehensive health, dental, and vision insurance plans
• 401(k) retirement savings plan with generous company matching
• Paid time off including vacation, sick days, and parental leave
• Professional development opportunities through JP Morgan's learning programs and tuition reimbursement
• Employee stock purchase plan and other financial wellness benefits
• On-site fitness centers, wellness programs, and mental health support
• Flexible work arrangements and hybrid work options in Jersey City

JP Morgan Chase is an equal opportunity employer.