TheCybersecurity & Technology Controls group at JPMorgan Chase aligns thefirm's cybersecurity, access management, controls and resiliency teams. Thegroup proactively and strategically partners with all lines of business and functions to enable them todesign, adopt and integrate appropriate controls; deliver processes andsolutions efficiently and consistently; and drive automation of controls. Thegroup's number one priority is to enable the business by keeping the firm safe,stable and resilient.
OurInformation Security professionals are passionate about information securityand control solutions for computing environments. While managing a world-classteam of technology experts, you'll partner with one or more disciplines, linesof business, regions or locations to respond to evolving business requirementsand emerging threats. You'll also leverage your expert knowledge of today'sever-changing cybersecurity and risk landscape to influence IT operationsacross the firm. Responsibilities include offering guidance, best practices andsupport across businesses, leading risk reviews and vulnerability assessments,identifying threats, communicating with senior leaders and other stakeholders,and managing budgets.
Investigation, analysis, documentation, remediation, tracking and reporting of technology risk and control identification and remediation
Engage in Solutions and Security Architecture to ensure existing and new solutions are designed to be continuously in synch with JPMC policies and standards
Collaborate with team members and stakeholders on firm mandated, cross line of business, regional audit and risk and control projects.
Provide strategic drive for engagement efficiency, effectiveness and transparent, measurable, sustainable control improvements, including process enhancements and use of automated data collection techniques.
Proactively monitor Key Risk Parameters to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.
Provide leadership and advice on material remediation activities ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process
Aid in training and spreading technology risk and cyber awareness within the organization
Develop and maintain strong business and technology relationships, becoming a trusted partner to these groups
Communicate risk and other control findings with key stakeholders, develop recommendations and provide accurate metrics and management reports on a timely basis
Thisrole requires a wide variety of strengths and capabilities, including:
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
Expertise in Agile and can work with at least one of the common frameworks
Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
Candidates with a minimum 10+ years of experience in technology risk and controls, risk based consulting, risk assessments, audit and regulatory activities:
Bachelor's degree in Computer Science, Management Information Systems, Accounting Information Systems, or a related field is required. Experience within financial services areas is preferred.
Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and assessing an IT controls environment.
Knowledge of controls associated with key end user capabilities, such as but not limited to:
System hardening standards and configuration monitoring
Developing and Delivering secure mobile applications
Virtual Desktop provisioning, delivery and lifecycle management
Assessment and configuration of Software as a Service end user offerings
Able to review, understand, and rely on technical and software documentation and apply that knowledge into practice.
Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls.
Stakeholder engagement skills, including ability to interact with senior levels of management.
Knowledge of process-focused methodologies for IT related activities (Networks, Cloud, Change Management, Incident Management, SDLC ).
Exposure to IT Risk and Process frameworks: COSO, COBIT, NIST, Cybersecurity Horizontal reviews, ITIL.
Whenyou work at JPMorgan Chase & Co., you're not just working at a globalfinancial institution. You're an integral part of one of the world's biggesttech companies. In 20 technology centers worldwide, our team of 50,000technologists design, build and deploy everything from enterprise technologyinitiatives to big data and mobile solutions, as well as innovations inelectronic payments, cybersecurity, machine learning, and cloud development.Our $10B+ annual investment in technology enables us to hire people to createinnovative solutions that will are transforming the financial servicesindustry.
AtJPMorgan Chase & Co. we value the unique skills of every employee, andwe're building a technology organization that thrives on diversity. We encourage professional growth and careerdevelopment, and offer competitive benefits and compensation. If you're looking to build your career aspart of a global technology team tackling big challenges that impact the livesof people and companies all around the world, we want to meet you.
Internal Number: 6500590
eFinancialCareers is a career site specializing in financial services.