At a Glance
- Tasks: Lead tech risk strategy and enhance compliance in a dynamic environment.
- Company: Join a global leader in financial services with a focus on diversity and inclusion.
- Benefits: Competitive salary, professional development, and a supportive work culture.
- Other info: Opportunity to work with cutting-edge AI technologies and collaborate across teams.
- Why this job: Shape the future of technology risk management and make a real impact.
- Qualifications: Experience in technology risk management and strong leadership skills.
The predicted salary is between 70000 - 90000 £ per year.
Join a role that's central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance.
As a Technology Risk and Controls Lead within our Cloud Foundational Services Function, you will be passionate about operational risk management and control solutions for computing environments. You will partner with one or more disciplines, lines of business, regions and locations to respond to evolving business requirements and emerging threats. You will leverage your expert knowledge of today's ever-changing technology risk landscape and controls environment to advise and support IT operations across the firm. You will partner with process owners to respond to internal and external audit and regulatory requests for information, while ensuring senior stakeholders are kept updated on the risk posture for the organization. You will report directly to the Technology, Risk & Controls Portfolio Lead and will be responsible for a small team.
Lead the strategic development and implementation of technology risk management in a dynamic, evolving tech landscape. You'll work with partners across the firm to spot new risks, strengthen day-to-day controls, and keep leaders informed on overall risk health. You'll also coordinate responses to audits and regulatory requests, and guide IT teams on security, resiliency, and high-availability design. The role covers key areas like access management, incident response, vulnerability management, and data protection, with a strong understanding of public cloud environments.
Develop and implement technology risk management strategies, policies, and processes to identify, assess, and mitigate risks, and drive strategic projects and initiatives to enhance the firm's technology risk management capabilities, in line with industry best practices and the firm's standards and regulatory requirements.
Identify and escalate emerging and upstream technology risk through execution of the Firm's management framework tools, including risk event management, reporting, and action plan tracking, and provide expert counsel to stakeholders and constituents regarding their security obligations, facilitating acceptable outcomes.
Establish and maintain strong relationships with internal and external stakeholders, including key cross-functional team leads, regulators, and auditors, to ensure compliance with legal, regulatory, and industry standards.
Manage reporting and governance of overall controls, policies, issue management, and measurements. Establish governance standards for AI-assisted workflows used in risk reporting and issue/action-plan management, ensuring traceability/auditability and alignment to security, resiliency, and regulatory expectations.
Direct oversight and management of Audits for Cloud Foundational Services. Supports and advises process owners in managing operational risk and provides transparency to stakeholders. Ensures alignment with regulatory and firmwide control obligations and industry standards. Audit engagement and response management.
Significant experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation. Demonstrated experience leading safe adoption of enterprise-authorized AI capabilities within the work environment within technology risk and controls workflows, including validation practices and awareness of data sensitivity.
Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry. Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives.
Advanced knowledge and experience leading data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies. Bachelor's degree or equivalent experience.
Advanced knowledge of multiple IT control and project management practices and experience working across large environments. Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business.
Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection.
Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.
StudySmarter Expert Advice🤫
We think this is how you could land Tech Risk and Controls Director - Audit (Glasgow)
✨Join Compliance Communities
Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!
✨Attend Industry Conferences
Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.
✨Leverage Your University Career Services
If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.
✨Showcase Your Knowledge Online
Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like J.P. Morgan looking for candidates who are engaged and informed.
We think you need these skills to ace Tech Risk and Controls Director - Audit (Glasgow)
Some tips for your application 🫡
Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!
Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.
Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!
Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at J.P. Morgan. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!
How to prepare for a job interview at J.P. Morgan
✨Master the Regulations
Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!
✨Show Your Analytical Skills
Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!
✨Know Your Tools
Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!
✨Align with Company Culture
Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with J.P. Morgan’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!