Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient
Interfacing with stakeholders to ensure technology risk impacting the business is effectively identified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes. Work with business and technology teams to complete risk assessments, ensure control adoption is appropriate and implemented effectively, and test control validation across the technology environment Serving as a point of escalation and SME for IT Risk and Cyber domains, including vulnerability management and application security. Provide technical risk advisory for technology teams rolling out new products in the firm so that they are secure from the start and fully compliant with the firm’s risk policies and standards Build and cultivate a culture focused on the pro-active awareness and improvement of the risk environment. Maintain strong business and technology relationships, becoming a trusted partner to these groups. Interface with Lead ISMs, CTOs and Application Development teams on an on-going basis for BAU risk activities and project initiatives. Partner across all 3 lines of defense to manage risk, improve the security environment, and ensure information assets and technologies are adequately protected Partner with Third Party Oversight (TPO) teams to ensure effective technology risk management of vendors engaged by technology partners.
This role requires a wide variety of strengths and capabilities, including:
Bachelor’s degree or equivalent experience Strong leadership skills with exceptional communication and presence Advanced knowledge of multiple IT control and project management practices, and experience working across large environments Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection 7+ years of experience in Security and / or Risk Management and / or Corporate Technology with an aptitude in application and platform security. Work with business and technology teams to complete risk assessments, ensure control adoption is appropriate and implemented effectively, and test control validation across the technology environment. Provide technical risk advisory for technology teams rolling out new products in the firm so that they are secure from the start and fully compliant with the firm’s risk policies and standards Interface with other lead ISMs, CTOs and Application Development teams on an on-going basis for BAU risk activities and project initiatives. Partner across multiple lines of defense to manage risk, improve the security environment, and ensure information assets and technologies are adequately protected. Partner with Third Party Oversight (TPO) teams to ensure effective technology risk management of vendors engaged by technology partners. Relevant certifications such as CISA, CISSP, CCSK, CCNA or equivalent preferred.
Our Corporate Technology team relies on smart, driven people like you to develop applications and provide tech support for all our corporate functions across our network. Your efforts will touch lives all over the financial spectrum and across all our divisions: Global Finance, Corporate Treasury, Risk Management, Human Resources, Compliance, Legal, and within the Corporate Administrative Office. You’ll be part of a team specifically built to meet and exceed our evolving technology needs, as well as our technology controls agenda.
When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you