Tech Risk & Controls Lead - Cloud Platforms

Location: GLASGOW, LANARKSHIRE, United Kingdom

Job Family: Technology Risk & Services

About the Role

At JP Morgan Chase, we are at the forefront of transforming the financial services industry through innovative technology solutions. As a Tech Risk & Controls Lead - Cloud Platforms in our Corporate & Investment Bank (CIB) division, you will play a pivotal role in safeguarding our cloud-based infrastructures. Based in Glasgow, United Kingdom, this position involves leading audit and assessment engagements to ensure our cloud platforms meet the highest standards of security, compliance, and operational resilience. You will work closely with global teams to identify risks, implement robust controls, and support the bank's mission to deliver secure, scalable technology services to clients worldwide. In this leadership role, you will drive the development of risk management strategies tailored to cloud environments, including AWS, Azure, and hybrid setups integral to JP Morgan's operations. Your responsibilities will span conducting thorough risk assessments, testing controls for regulatory compliance (such as SOX and GDPR), and collaborating with engineering and compliance stakeholders to remediate vulnerabilities. By leveraging your expertise in financial services regulations and cloud governance, you will help mitigate emerging threats like data breaches and operational disruptions, ensuring our platforms support seamless banking services while adhering to Basel III and other industry standards. Joining JP Morgan Chase means becoming part of a dynamic culture that values innovation, integrity, and professional growth. You will have opportunities to mentor teams, influence enterprise-wide policies, and contribute to cutting-edge projects in a supportive environment. With access to world-class resources and a commitment to work-life balance, this role offers a chance to advance your career in technology risk while making a tangible impact on one of the world's leading financial institutions.

Key Responsibilities

• Lead end-to-end audit and assessment engagements for cloud platforms within JP Morgan Chase's Corporate & Investment Bank (CIB) division
• Develop and implement technology risk and controls frameworks to ensure compliance with regulatory requirements in the financial services sector
• Collaborate with cross-functional teams, including engineering, security, and compliance, to identify and mitigate risks in cloud infrastructures
• Conduct risk assessments, gap analyses, and control testing for cloud-based applications and services
• Provide expert guidance on cloud governance, including policy development and adherence to standards like NIST and ISO 27001
• Monitor emerging risks in cloud technologies and recommend enhancements to JP Morgan's risk management practices
• Prepare detailed reports and presentations for senior stakeholders on audit findings and remediation plans
• Support the integration of cloud platforms with JP Morgan's broader technology ecosystem while maintaining robust controls
• Mentor junior team members in technology risk methodologies and best practices
• Stay updated on industry trends and regulatory changes impacting cloud risk in banking

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Finance, or a related field
• Minimum of 5 years of experience in technology risk management, audit, or controls within the financial services industry
• Proven experience with cloud platforms such as AWS, Azure, or Google Cloud, including risk assessment and compliance
• Strong understanding of regulatory frameworks like GDPR, SOX, and Basel III relevant to financial institutions
• Certification in risk management or audit, such as CISA, CRISC, or CIA
• Experience leading audit and assessment engagements in a large-scale enterprise environment
• Ability to work in a hybrid model in Glasgow, UK, with occasional travel

Preferred Qualifications

• Advanced degree (Master's or MBA) in a relevant discipline
• Experience in cloud security and governance within JP Morgan Chase or similar global banks
• Knowledge of JP Morgan's internal risk management frameworks and tools
• Familiarity with DevOps practices and agile methodologies in cloud environments
• Prior leadership role in technology risk teams supporting financial platforms

Required Skills

• Expertise in cloud computing platforms (AWS, Azure, GCP)
• Proficiency in risk assessment and control frameworks
• Strong knowledge of financial regulations (SOX, GDPR, PCI-DSS)
• Experience with audit tools and methodologies (e.g., GRC platforms)
• Analytical thinking and problem-solving abilities
• Excellent communication and stakeholder management skills
• Leadership and team collaboration expertise
• Technical proficiency in scripting languages (Python, Java) for risk automation
• Understanding of cybersecurity principles in cloud environments
• Project management skills for leading engagements
• Attention to detail in compliance and reporting
• Adaptability to fast-paced financial services environment
• Familiarity with DevSecOps practices
• Data analysis and visualization tools (e.g., Tableau, Excel)
• Ethical judgment in handling sensitive financial data

Benefits

• Competitive base salary and performance-based annual bonus
• Comprehensive health, dental, and vision insurance coverage
• Generous retirement savings plan with company matching contributions
• Paid time off including vacation, sick leave, and parental leave
• Professional development opportunities, including tuition reimbursement and access to JP Morgan's learning platforms
• Hybrid work model with flexibility for work-life balance in Glasgow
• Employee stock purchase plan and financial wellness programs
• Global mobility support and career progression within JP Morgan Chase

JP Morgan Chase is an equal opportunity employer.