Location: LONDON, LONDON, United Kingdom

Bring your expertise to JPMorgan Chase.  As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As a Technology Operational Risk Management Director, you will need to possess subject matter expertise in Public and Private Cloud technology domains. You will perform independent risk assessments on the platforms, tools and supporting systems used to deliver these technologies to businesses at the firm.  You will proactively identify areas of emerging technologies that introduce operational risk and have a good understanding of third-party risks as applied to the technology used.

In this role, you will have the opportunity to join the Tech & Cyber Operational Risk Management team that is responsible for the successful implementation and execution of the Compliance, Conduct, and Operational Risk (CCOR) Tech & Cyber framework within JP Morgan.  You will provide 2

 Line of Defense challenge and oversight to our technology and cybersecurity partners. You will need to be a multi-disciplined forward-looking technologist and risk manager with diverse background and experiences in several cyber security and technology operations and the development of corresponding control systems. 

Job Responsibilities

• Perform oversight of operational risks through reviews of global and regional technology/ cyber security processes and controls for the firm’s used of public and private cloud.
• Keep abreast of current technology trends, vulnerabilities, and emerging technologies.
• Engage with infrastructure technology teams to gain full understanding of the technology and control environment.
• Understand third party risks as related to specific technology area of expertise.
• Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices. 
• Participate in key technology governance forums.

Required qualifications, capabilities and skills

• Cloud Platform Proficiency:  Demonstrated hands-on experience with major public cloud providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
• Cloud Solution Architecture:  Experience designing, implementing, and managing scalable, secure, and highly available application architectures tailored for cloud environments.
• Cloud-Native Application Design:  Knowledge of microservices, serverless computing, containerization, and event-driven architectures.
• Infrastructure as Code (IaC):  Proficiency with IaC tools such as AWS CloudFormation, Azure Resource Manager, and Google Cloud Deployment Manager, as well as third-party tools like Terraform or Ansible.
• Security and Compliance:  Understanding of cloud security best practices, identity and access management (IAM), encryption, network security, and compliance frameworks relevant to cloud deployments.
• DevOps and CI/CD:  Experience with DevOps practices and tools for continuous integration and continuous deployment (CI/CD) in cloud environments 
• Monitoring and Optimization:  Familiarity with cloud monitoring, logging, and cost optimization tools (e.g., AWS CloudWatch, Azure Monitor, Google Operations Suite).
• Networking in the Cloud:  Knowledge of virtual networks, VPNs, load balancers, DNS, and hybrid connectivity solutions across AWS, GCP, and Azure.
• Data Services:  Experience with cloud-based databases, data lakes, and analytics services (e.g., Amazon RDS, Google BigQuery, Azure SQL Database).
• Migration and Modernization:  Experience migrating on-premises applications and workloads to public cloud platforms, including rehosting, replatforming, and refactoring strategies.

Great role as a Cloud Operational Risk Executive Director in Compliance, Conduct and Operational Risk Tech & Cyber 2nd Line of Defense.