JPMorgan Chase & Co.
Tech Risk and Controls Lead

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Tech Risk and Controls Lead
Vice President – Accelerator Business (Technology Compliance & Risk Governance)
Location: [Unspecified] Function: [Corporate Functions – Control Management] Employment Status: Full time
Out of the successful launch of Chase in 2021, we are on a mission to continue creating products that solve real-world problems and put customers at the centre—all in an environment that nurtures skills and helps you realize your potential. Our team is key to this success. We’re people-first, valuing collaboration, curiosity and commitment.
As a Vice President at JPMorganChase within the Accelerator Business, you are at the heart of our venture, focused on getting smart ideas into the hands of our customers. You thrive in collaborative environments, are passionate about new technology, and have a solution-oriented, commercially savvy mindset with a strong fintech perspective.
You excel in tribes and squads, working within focused product and project teams based on your strengths and interests.
Company Culture & Values
We value diversity of thought, experience and background as the foundation of a great team. By bringing together people with different perspectives, we reflect the communities we serve and collectively create meaningful impact—on our company, clients, and global business partners.
Job Responsibilities
-
Coordinate and respond to auditor RFIs, interviews, and walkthroughs by:
- Triaging asks and assigning owners
- Quality-checking responses
- Packaging audit-ready evidence
-
Drive remediation of control gaps by translating audit findings into:
- Actionable engineering backlog items
- Clear acceptance criteria
- Target dates
-
Review Technology Control Standards and associated requirements to ensure:
- Control procedures and documentation remain current and aligned to firm expectations
-
Execute onboarding and compliance checks for required firm tooling and telemetry by verifying:
- Coverage
- Correctness
- Timely adoption for newly onboarded services
-
Lead end-to-end delivery of custom control procedures by:
- Defining control intent
- Aligning stakeholders
- Implementing operational steps
- Confirming control effectiveness
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
-
Develop and track mitigation plans for residual risks by setting:
- Risk-reduction actions
- Owners
- Milestones
- Governance checkpoints
-
Run Application Oversight Governance (AO Governance) by:
- Monitoring control posture, overdue findings, and control exceptions
- Ensuring timely remediation
-
Perform thematic analysis of control and audit findings to:
- Identify systemic risks
- Propose preventative controls, automation, or process improvements
-
Produce risk reporting and executive-ready updates by:
- Consolidating risk metrics
- Summarizing key risks
- Preparing materials for firmwide forums
-
Support vulnerability management governance by:
- Monitoring overdue and near-due items
- Recommend mitigations
- Converting remediation into prioritized engineering backlogs
-
Define and track control health KPIs/KRIs by establishing:
- Reporting routines that demonstrate control effectiveness
- Sustainability and risk reduction over time
Required Qualifications, Capabilities & Skills
Education & Certifications
- Professional certifications such as Cloud certifications, CISSP, CISM, or GIAC
Technical Expertise
-
Strong working knowledge of:
- GRC tools (e.g., Archer)
- Infrastructure as code
- Control enforcement in dynamic and hybrid environments
-
Proficiency in information security domains including:
- Policies and standards
- Risk and control assessments
- Access controls
- Regulatory compliance
- Technology resiliency
- Risk and control governance and metrics
- Incident management
- Secure systems development lifecycle (SDLC)
- Vulnerability management
- Data protection
-
Extensive experience in Technology roles with a strong understanding of:
- Operational Risk and Controls
- Tech/Cyber Risk
Analytical Competence
- Ability to consolidate data from disparate sources to create a cohesive risk view
Communication & Stakeholder Engagement
- Strong written and verbal communication skills, with the ability to:
- Effectively present security risk concepts to business and technology partners
Industry & Compliance Experience
- Experience working in regulated industries, particularly leveraging:
- Technology standards and frameworks
- Compliance and industry-recognized best practices (e.g., ITIL, NIST, ISO, PCI, SOC)


Get help with your application
Your very own career expert that helps elevate your application to the next level.
- Collaboration with:
- Internal and external technology audits (Third Line of Defense)
- CCOR Operational Risk Management deep dives and testing (Second Line of Defense)
- Ability to advocate for subject matter experts
About J.P. Morgan
J.P. Morgan is a global leader in financial services, delivering strategic advice and products to:
- Prominent corporations
- Governments
- Wealthy individuals
- Institutional investors
Our commitment to "doing business the right way" with clients drives everything we do. We aim to build trusted, long-term partnerships to help clients overachieve their objectives.
Diversity & Inclusion
We recognize that our people are our strength—their diverse talents contribute directly to our global success. J.P. Morgan is an equal opportunity employer and is committed to diversity and inclusion.
Protected Attributes
We do not discriminate on the basis of any protected category, including:
- Race
- Religion
- Color
- National origin
- Gender
- Sexual orientation
- Gender identity
- Gender expression
- Age
- Marital/veteran status
- Pregnancy/disability
- Any other attribute protected under applicable law
We provide reasonable accommodations for:
- Applicants’ and employees’ religious practices, beliefs, mental health or physical disability requirements
Visit our FAQs for details.
Corporate Functions
Our corporate teams focus on essential areas like:
- Finance
- Risk
- Human resources
- Marketing
Essential to our company’s cars, we ensure success across:
- Businesses
- Clients
- Customers
- Employees
Control Management Overview
The Control Management team sustains a strong control environment through a joint accountability model, aligning managers across functions and regions to mitigate operational risk. Key focus areas include:
- Control Design & Expertise
- Risk & Controls Identification/Assessment
- Issues & Control Deficiencies
- Control Governance & Reporting
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location