Information Risk Lead Job Listing at J.P. Morgan Chase in India

Finance

GTI Risk Resiliency Management establishes the framework and provides guidance to the GTI towers for managing risks, assessing controls, and engaging with internal and external organizations to determine adequacy of the control environment. Within that organization, the Controls, Governance, and IRM group is responsible for governance and execution of risk programs to identify and mitigate risks within GTI. This includes ensuring adherence to existing policies and standards, regulatory requirements, or best business practices. The Governance, Controls, and IRM group within GTI Risk Resiliency is responsible for viewing risk comprehensively across the Global Technology Infrastructure expanded organization providing processes, guidance, and remediation for management of technology risks. This includes:

• Assessing, identifying issues, measuring progress, and tracking remediation of technology risks.
• Implementing common processes, practices, tools, and metrics to improve the risk posture.
• Developing consistent integrated metrics and MIS reports for key risk indicators.
• Driving compliance to best risk management practices throughout the organization.
• Keeping track of best practices, and implementing continuous improvement opportunities on an ongoing basis.

As an Information Risk Lead within this group your day to day responsibilities will be to interface withproduct areasenior management to drive the Risk Management agenda, includingcompliance to policy,execution of remediation, interaction with Audit, and completion of self assessments. Specific to integration of business aligned technology to GTI, you will drive key stakeholders to adhere to risk management practices. This will be accomplished either by managing risk management programs or by driving operational areas to adhere to the defined risk agenda. This includes:

• Assessing risk and controls for the interim and final state organizations and advising remediation plans.
• Understanding existing risk and control issues in current organizations, and ensuring ownership for resolution.
• Facilitating determination of ownership where there is conflict for integration control agendas.
• Flaggin risk and control issues for new organizational constructs to advise on how to address.