Join our team to fortify the technological backbone of a financial powerhouse, ensuring robust risk management and pioneering assurance strategies. As a Technology Risk Investigations - Senior Associate in Cybersecurity & Technology Controls, you will make impactful contributions towards ensuring the firm's technology products and lines of business achieve their objectives while effectively managing risk. You will support the wider Risk Assurance function in conducting root-cause investigations into potential information security risks and will play a key part in the continuous improvement of the Risk Assurance findings management program. The primary focus of this role is to analyze, communicate, and track information security risks identified during cybersecurity assessments, such as red team exercises and penetration tests. Your role will involve planning and executing projects to address complex risk scenarios and ensure compliance with technical standards and organizational policies. Leveraging your advanced analytical, technical, and problem-solving skills, you will contribute to the proactive identification and evaluation of technology risk, controls development, and adherence across the Firm **Job responsibilities:** + Analyze and prioritize technical risk hotspots by collaborating with cross-functional teams and leveraging data from Assurance Operations and Data Science teams + Define the control requirements based on business function, regulatory risks, and control framework comparison analysis + Evaluate gaps in existing standards and controls, and develop remediation plans to address high-priority risks and systemic issues + Monitor technology risk, ensuring compliance with relevant regulations, policies, and industry best practices across the Firm + Contribute to the continuous improvement of risk management processes, tools, and methodologies, while fostering a strong risk culture within the Firm **Required qualifications, capabilities, and skills** + 3+ years of experience or equivalent expertise in information security, project management or a related field + Proven knowledge of cybersecurity operations, common risk management processes, security practices, security engineering, and/or vulnerability management. + Ability to collaborate with diverse stakeholders of varying seniority to effectively articulate risk and drive change. + Experience in agile project management and with agile tooling, such as Jira and Confluence. + Proven understanding of cybersecurity operations, common risk management processes, security practices, security engineering, and/or vulnerability management. + Ability to collaborate with diverse stakeholders of varying seniority to effectively articulate risk and drive change. + An understanding of offensive and defensive security tools/technologies, such as penetration testing and red team testing platforms, firewalls, IDS/IPS, Web Proxies, and DLP. J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.