Posted in General Business 9 days ago.
This job brought to you by eQuest
Location: Wilmington, Delaware
Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
This role requires a wide variety of strengths and capabilities, including:
• Bachelor's degree or equivalent experience
• Strong leadership skills with exceptional communication and presence
• Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
• Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection.
• Develop an Infrastructure and Production Management risk position and create a plan to leverage the best practices available in the firm or in the industry
• Develop and maintain strong business and technology relationships, becoming a trusted partner to these groups. Develop and maintain a deep understanding of the business, its underlying processes and the controls environment across several categories. Responsible for control-related activities: interpreting corporate policies and regulatory requirements, designing the control in partnership with the Chief Technology Officers, including how to measure its effectiveness, providing control implementation support and control validation. Build and mature a culture focused on the pro-active awareness and improvement of the risk environment.
• Communicating risk and other control findings and develop recommendations for resolution; identifying the root cause and key themes/trends to address issues broadly. Ensure that technology control issues and gaps are documented clearly and that realistic remediation plans are developed to address them, as well as investigating and resolving control incidents. Interface with Application Development/Production Management teams on an on-going basis for BAU risk activities as well as project initiatives. Partner with Third Party Oversight (TPO) teams to ensure effective risk management of vendors engaged by technology partners. Provide technical risk project consultancy for technology teams rolling out new products in the firm so that they are secure from the start and fully compliant with the firms risk policies and standards.
• Interface with Business Control Managers teams to ensure technology risk impacting the business is effectively tracked and communicated. Drive multiple controls assessments by leveraging firm-wide tools CORE/RCSA, Application Risk Assessment, SOC1, SOX, PCI, ITIL services within the IPM. Develop a risk model/approach to cover SRE/DevOps, data center migration, application modernization, lower level environments into Agile approach. Data Management, Protection and Privacy product: Provide leadership and services for the technical and physical safeguards of JPMC and client data while ensuring compliance to data protection and privacy laws and regulations.
• 5+ years of experience in Technology and preferably within the finance sector, and 2+ years of management experience. Experience working in a matrix management model across globally diverse virtual teams to deliver strategic initiatives. Ability to define and manage roadmaps across a large portfolio, milestones and associated deliverables, and understand financial/budgetary impact of technical decisions.
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
When you work at JPMorgan Chase & Co., you're not just working at a global financial institution. You're an integral part of one of the world's biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we're building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you're looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.
JPMorgan Chase is an equal opportunity and affirmative action employer M/F/Disability/Veteran.JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Equal Opportunity Employer/Disability/Veterans