The Global Technology Regulatory Assessment Lead is responsible for overseeing the regulatory assessment programs for the Global Technology (GT) function. The role is part of the GT Assessments & Evaluation team, within the Governance, Risk & Control group. This is a central function that conducts control assessments and evaluations of all types across all Lines of Business for GT. This role will oversee the control assessments programs for Global Technology for regulatory specific assessment, including: (1) Gramm-Leach-Bliley Act (GLBA) (2) Health Insurance Portability and Accountability Act (HIPAA) (3) Payment Card Industry Data Security Standard (PCI DSS) (4) Health Information Trust Alliance (HITRUST) (5) Sarbanes Oxley (SOX) (6) Comprehensive Capital Analysis (CCAR). The ideal candidate will have solid experience in technology risk & controls, compliance, regulatory or audit assessment program aligned to technology. Experience with overseeing regulatory assessment programs for large complex organizations within the financial services industry required.
In this role, the candidate will be expected to manage a team of assessors & subject matter experts; provide guidance to key stakeholders; help establish a sustainable and efficient assessment operation that integrates with the rest of the GT Assessment & Evaluation environment; and communicate with auditors, regulators and senior management when required. A proactive and creative leader who can integrate regulatory assessment needs into established technology operations & ecosystems.
Key Responsibilities:
Provide governance and oversight to each of the assigned assessment programs for all Line of Businesses across GT
Manage a team of regulatory subject matter experts, providing coaching and leadership
Provide guidance to key stakeholders across on each of the programs when necessary
Build an end-to-end operation that allows the team to conduct assessments in efficient with minimum impact to the firm
Integrate the regulatory assessment programs with the GRC ecosystem and assessment execution model to drive a seamless user experience
Support external audit and regulator engagement as necessary
Communicate status, risk, and control findings to senior management and provide accurate metrics on a timely basis
Support scoping discussions with global partners to identify applications and related infrastructure and corresponding evidence required
Provide leadership and be a cultural carrier across the GRC group
Basic Qualifications:
Bachelor™s degree or equivalent experience
Candidate must have a minimum 10 years of technology risk and controls experience, risk assessments, audit and regulatory activities
Should have experience in assessment of technology controls within the Financial Service industry
Experience in a number of the following regulatory programs: GLBA, HIPAA, HITRUST, PCI, SOX, CCAR,
Experience in managing people across different regions
Ability to design processes that leverage large data sets to inform assertion statements for compliance with regulations or frameworks
Strong strategic vision and a track record of successful delivery of business objectives
Expertise in working with colleagues throughout the firm and in leading collaborative teams to achieve common goals
Preferred Skills:
Working knowledge of GRC technology & controls monitoring concepts in order to interact with technology product owners
Experience operating in environments that are heavily governed under compliance and regulation
Keyword: card%20services
The Global Technology Regulatory Assessment Lead is responsible for overseeing the regulatory assessment programs for the Global Technology (GT) function. The role is part of the GT Assessments & Evaluation team, within the Governance, Risk & Control group. This is a central function that conducts control assessments and evaluations of all types across all Lines of Business for GT. This role will oversee the control assessments programs for Global Technology for regulatory specific assessment, including: (1) Gramm-Leach-Bliley Act (GLBA) (2) Health Insurance Portability and Accountability Act (HIPAA) (3) Payment Card Industry Data Security Standard (PCI DSS) (4) Health Information Trust Alliance (HITRUST) (5) Sarbanes Oxley (SOX) (6) Comprehensive Capital Analysis (CCAR). The ideal candidate will have solid experience in technology risk & controls, compliance, regulatory or audit assessment program aligned to technology. Experience with overseeing regulatory assessment programs for large complex organizations within the financial services industry required.
In this role, the candidate will be expected to manage a team of assessors & subject matter experts; provide guidance to key stakeholders; help establish a sustainable and efficient assessment operation that integrates with the rest of the GT Assessment & Evaluation environment; and communicate with auditors, regulators and senior management when required. A proactive and creative leader who can integrate regulatory assessment needs into established technology operations & ecosystems.
Key Responsibilities:
Provide governance and oversight to each of the assigned assessment programs for all Line of Businesses across GT
Manage a team of regulatory subject matter experts, providing coaching and leadership
Provide guidance to key stakeholders across on each of the programs when necessary
Build an end-to-end operation that allows the team to conduct assessments in efficient with minimum impact to the firm
Integrate the regulatory assessment programs with the GRC ecosystem and assessment execution model to drive a seamless user experience
Support external audit and regulator engagement as necessary
Communicate status, risk, and control findings to senior management and provide accurate metrics on a timely basis
Support scoping discussions with global partners to identify applications and related infrastructure and corresponding evidence required
Provide leadership and be a cultural carrier across the GRC group
Basic Qualifications:
Bachelor™s degree or equivalent experience
Candidate must have a minimum 10 years of technology risk and controls experience, risk assessments, audit and regulatory activities
Should have experience in assessment of technology controls within the Financial Service industry
Experience in a number of the following regulatory programs: GLBA, HIPAA, HITRUST, PCI, SOX, CCAR,
Experience in managing people across different regions
Ability to design processes that leverage large data sets to inform assertion statements for compliance with regulations or frameworks
Strong strategic vision and a track record of successful delivery of business objectives
Expertise in working with colleagues throughout the firm and in leading collaborative teams to achieve common goals
Preferred Skills:
Working knowledge of GRC technology & controls monitoring concepts in order to interact with technology product owners
Experience operating in environments that are heavily governed under compliance and regulation
Keyword: card%20services
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world™s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants™ and employees™ religious practices and beliefs, as well as any mental health or physical disability needs.
The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the œWELL Health-Safety Rating for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.
As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. Employees are expected to follow the Firm™s current COVID-19 or other infectious disease health and safety requirements, including local requirements. Requirements include sharing information including your vaccine card in the firm™s vaccine record tool, and may include mask wearing. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests as required by applicable law.
Equal Opportunity Employer/Disability/Veterans
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm™s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group™s number one priority is to enable the business by keeping the firm safe, stable and resilient.
