Take your engineering expertise to new heights by joining a team of exceptionally talented professionals and solidify your place among top performers in the industry.
 

As a Principal Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you provide expertise to enhance and develop architecture platforms based on modern cloud-based technologies as well as support the adoption of strategic global solutions. Leverage your advanced architecture capabilities to identify, communicate, and mitigate risk, and collaborate with colleagues across the organization to drive best-in-class outcomes.

We are seeking a highly skilled and visionary leader to join our Technology Risk and Controls (TRC) organization. This role is pivotal in enhancing the organization's internal controls over financial reporting (ICFR) while driving innovation through modern engineering practices and advanced technology integration. The successful candidate will provide strategic architectural leadership partnering with internal and external auditors, internal stakeholders including product, platform teams, finance teams, and other stakeholders in SOX compliance, IT General Controls (ITGC), and comprehensive risk assessment methodologies.

Job responsibilities

Advises cross-functional teams on technology selections and decisions to achieve target state cybersecurity on improvements to current cybersecurity parameters Develops multi-year roadmaps aligned with business and architecture strategy and priorities Provide Regulatory & Industry Assessment Expertise. Provide subject matter expertise in regulatory assessments, ensuring that the organization adheres to applicable frameworks such as SOX, PCI DSS, GLBA, SOC1/2, and other relevant standards. Lead efforts to ensure audit compliance with Information Technology General Controls (ITGC) testing methods and facilitate assessments of our practices overall. Oversee the evaluation and design of assessment frameworks methodologies in partnership with various stakeholders, and processes to ensure consistent, efficient, and high-quality outcomes.  Serve as a Strategic Risk & Control Advisor. Partner with senior stakeholders to provide risk-based guidance on control design, operational effectiveness, and audit preparedness. Lead efforts to enhance the firm’s risk assessment and control environment, identifying areas of improvement and advising on control implementation to mitigate regulatory risks. Monitor regulatory trends and audit findings to proactively address emerging risks and influence control strategies across the enterprise.  Drive Program Execution & Governance. Influence efficient and effective execution of assessment programs, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance. Establish audit readiness programs, ensuring the continuous enhancement of the firm’s control environment and audit documentation process. Lead the governance of issues raised from our assessments, tracking concerns, and resolution of findings, and ensure timely and effective closure of identified control deficiencies.  Creates complex and scalable coding frameworks on the public cloud for new system design patterns and process templates Develops secure and high-quality production code and reviews and debugs code written by others   Serves as the function’s go-to subject matter expert and drives thought leadership within the product line Creates durable, reusable software frameworks that improves velocity and quality of output across teams and functions 

Required qualifications, capabilities, and skills

Formal training or certification on cybersecurity concepts and 10+ years applied experience Hands-on practical experience in cybersecurity architecture that can be applied and reused across businesses, functions, and systems Fluent in one or more programming languages Deep knowledge of one or more software or applications Experience in audit, risk management, or compliance, with deep experience leading audit functions within a large organization. Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry Extensive knowledge of audit principles, regulatory standards (SOX, PCI DSS, GLBA, SOC), IT General Controls, and best practices for audit readiness. Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives Proven experience managing relationships with internal and external auditors and leading large-scale audit and assessment programs. Advanced knowledge and experience leading data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies.)   Experience applying expertise and new methods to determine solutions for complex architecture problems in one or more technical disciplines  Preferred qualifications, capabilities, and skills CPA, CIA, CISA, or other relevant certifications preferred. Experience with GRC tools, audit management platforms, and data analytics to enhance audit efficiency and insight.