Compliance, Conduct and Operational Risk – Tech & Cyber– Associate
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
ring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.
CCOR Technology & Cybersecurity (“CCOR T&C”) is a group within the Compliance, Conduct and Operational Risk (CCOR) organization is responsible for the design and oversight of the second line of defense independent risk management program for technology and cybersecurity risks, leveraging the Operational Risk Framework, regulatory guidance (e.g., FFIEC, Heightened Standards, etc.) and laws, rules, and regulations.
The team is seeking a high performing Associate position based out of our Bangalore office in JPMorgan Towers. The role will be responsible for supporting a broad range of data activities supporting independent oversight of first line of defense’s (1LOD) technology and cybersecurity risk management practices. You will work with professionals who oversee the 1LOD GRC team’s delivery of risk & controls framework, control integration & assessment, risk treatment & analytics, and governance and reporting practices. You will need to have strong understanding of technology and cyber resiliency risks, the integration of business, technology and third party resiliency, providing effective assessment and challenge, and informed consultation. Additionally, you will need to be a strong self-starter, with intellectual curiosity, who can independently identify, assess, and monitor risks and the associated mitigating technology controls using a consistent, logical approach to assess the 1LOD technology resiliency operational environment as well as prepare/deliver written/verbal communications on risk and control assessment results to technical/non-technical audiences through senior levels within the firm.
Job Responsibilities
- Data Pipeline Development: Develop and manage ETL processes to ingest and process Tech Risk and controls, SEIM data from various sources ( e.g. configurations, logs, alerts, threat intelligence feeds).
- Data Integration: Ensure seamless integration of Risk & Controls data with firmwide tools like asset inventory , controls management , Security scanning and cloud SIEM
- Database Management: Design and optimize data storage solutions tailored for operational risk, ensuring data availability and performance.
- Data Quality and Security: Implement measures for data quality, integrity, and security, adhering to compliance standards and best practices.
- Risk Detection: Collaborate with global Technology ORM teams to design data models and queries that enhance risk detection and response capabilities.
- Automation: Develop automation scripts and tools to streamline tech Risk & Controls data processing and analysis.
- Documentation: Maintain detailed documentation of data pipelines, system architecture, and security protocols.
Required Qualifications, Experience and Skills:-
- Bachelor's/Masters Engineering degree and 6+ years relevant experience data engineering or a similar role
- Proficiency with data engineering tools and languages such as SQL, Python, and data processing frameworks (e.g., Apache Kafka, Spark).
- Proven experience in data engineering or a similar role, with a focus on technology controls/ security operations preferred
- Experience with SIEM systems (e.g., Splunk, ELK stack) and security data analytics an advantage
- Knowledge of Cloud technology controls ,security operations, incident response, and threat detection methodologies an advantage
- Familiarity with regulatory compliance requirements (e.g., GDPR, CCPA, PCI-DSS) an advantage
Skills:
- Strong understanding of data pipelines, ETL processes, and database management.
- Ability to write efficient and secure data queries and scripts.
- Hands on experience of data analytics technologies in Public Cloud such as Redshift, Elastic Map Reduce, Lake Formation, Glue, Athena etc.
- Familiarity with cybersecurity principles and threat landscapes an advantage
- Excellent problem-solving skills and attention to detail.
- Strong communication and collaboration skills.
Professional Certificates:
Public Cloud Certifications like AWS/GCP/ Azure Data Engineer , Security Speciality
Working Hours: 1:30 pm to 10:30 pm India Hours
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
