J.P. Morgan
Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation as part of the CDAO core engineering team.
As a Lead Risk Software Engineer (Snowflake) at JPMorgan Chase within the AI/ML and Data Platform (AMDP) technology function, you will be responsible for leading the core engineering team’s Risk, compliance, and regulatory efforts to remain in line with the firm’s standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Application Owners, Product Owners, Engineers and Control Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, regulatory requirements, compliance, secure engineering practices, and theories will enable you to promote innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.
Job responsibilities
Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations.
Develop and maintain robust relationships, becoming a trusted partner with technologists, controls and assessments teams to facilitate cross‑functional collaboration and progress toward shared goals.
Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management oversight.
Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
Collaborate with engineers to identify, monitor, and address technology risks across data platforms, ensuring they remain within the acceptable risk appetite.
Work with engineering teams to anticipate and prepare for future regulatory and compliance requirements, including PCI DSS, SOX, SOC1, and regional mandates such as GDPR, Swiss, and China regulations.
Create and evaluate Technology Resiliency Plans, incorporating disaster recovery strategies and ongoing sustained resiliency testing.
Implement continuous process improvement, including but not limited to policy, procedures, and production monitoring and reduce time to resolve. Identify, coordinate, and implement initiatives/projects and activities that create efficiencies and optimize technical end to end development.
Measure and optimize system performance, with an eye toward pushing our capabilities forward, getting ahead of customer needs, and innovating to continually improve.
Required qualifications, capabilities, and skills
Formal training or certification on technology risk management concepts and 5+ years applied experience.
Exposure to regulatory compliance standards such as GDPR, SOX, PCI DSS, and SOC1/2.
Familiarity with risk management frameworks, industry standards, and data governance practices such as NIST Cybersecurity Framework, ISO 27001.
Proficient knowledge and expertise in data security, risk assessment & reporting, controls evaluation, design, execution and governance, with a proven record of implementing effective risk mitigation strategies.
Demonstrated ability to influence executive‑level strategic decision‑making and translating technology insights into business strategies for senior executive.
Familiarity with DevSecOps, software development, and secure from the start engineering practices.
Preferred qualifications, capabilities, and skills
Security Certification (CISSP preferred, CISM, CISA, CCSP).
Any AWS Certification (Solutions Architect) preferred.
Experience with Snowflake (Snowpro Associate certification).
Knowledge and expertise of Data Platforms (Snowflake, Redshift etc).
Experience with Microsoft suite (PowerPoint, Excel, Word).
Cloud Computing (specifically AWS).
Experience with Atlassian (JIRA, Confluence).
#J-18808-Ljbffr
As a Lead Risk Software Engineer (Snowflake) at JPMorgan Chase within the AI/ML and Data Platform (AMDP) technology function, you will be responsible for leading the core engineering team’s Risk, compliance, and regulatory efforts to remain in line with the firm’s standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Application Owners, Product Owners, Engineers and Control Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, regulatory requirements, compliance, secure engineering practices, and theories will enable you to promote innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.
Job responsibilities
Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations.
Develop and maintain robust relationships, becoming a trusted partner with technologists, controls and assessments teams to facilitate cross‑functional collaboration and progress toward shared goals.
Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management oversight.
Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
Collaborate with engineers to identify, monitor, and address technology risks across data platforms, ensuring they remain within the acceptable risk appetite.
Work with engineering teams to anticipate and prepare for future regulatory and compliance requirements, including PCI DSS, SOX, SOC1, and regional mandates such as GDPR, Swiss, and China regulations.
Create and evaluate Technology Resiliency Plans, incorporating disaster recovery strategies and ongoing sustained resiliency testing.
Implement continuous process improvement, including but not limited to policy, procedures, and production monitoring and reduce time to resolve. Identify, coordinate, and implement initiatives/projects and activities that create efficiencies and optimize technical end to end development.
Measure and optimize system performance, with an eye toward pushing our capabilities forward, getting ahead of customer needs, and innovating to continually improve.
Required qualifications, capabilities, and skills
Formal training or certification on technology risk management concepts and 5+ years applied experience.
Exposure to regulatory compliance standards such as GDPR, SOX, PCI DSS, and SOC1/2.
Familiarity with risk management frameworks, industry standards, and data governance practices such as NIST Cybersecurity Framework, ISO 27001.
Proficient knowledge and expertise in data security, risk assessment & reporting, controls evaluation, design, execution and governance, with a proven record of implementing effective risk mitigation strategies.
Demonstrated ability to influence executive‑level strategic decision‑making and translating technology insights into business strategies for senior executive.
Familiarity with DevSecOps, software development, and secure from the start engineering practices.
Preferred qualifications, capabilities, and skills
Security Certification (CISSP preferred, CISM, CISA, CCSP).
Any AWS Certification (Solutions Architect) preferred.
Experience with Snowflake (Snowpro Associate certification).
Knowledge and expertise of Data Platforms (Snowflake, Redshift etc).
Experience with Microsoft suite (PowerPoint, Excel, Word).
Cloud Computing (specifically AWS).
Experience with Atlassian (JIRA, Confluence).
#J-18808-Ljbffr