The CCOR T&C Risk Manager within Operational Risk Management is responsible for the identification, monitoring, testing, and governance of cybersecurity processes and controls risks inherent in JPMorgan Chase technology environment. This position will be highly engaged with the firm-wide Identity and Access Management Risk manager team who provides high quality security solutions to detect and monitor for threats and vulnerabilities and manage security incidents to keep ahead of threats.

We are looking for a multi-disciplined forward-looking technologist with diverse backgrounds and experiences in identity and access management including: certification, entitlement revision, role based access, privileged access management, authentication, and access systems and tools.

The successful candidate will use experience and leadership skills to give guidance and best practice advice across the Global Identity and Access Management function. He/she will lead significant event reviews, risk assessments, and perform monitoring and testing of security and technology controls. The role requires a strong self-starter who can understand program objectives, understand mitigating cybersecurity controls using a logical to independently assess the control environment.

Key responsibilities include:

• Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.
• Keep abreast of current cyber trends, vulnerabilities, and emerging technologies.
• Engage with access management teams to gain full understanding of identity and access management and control environment.
• Perform significant event reviews.
• Independently assess technology risk management and controls across the bank
• Understand third party risks as related to specific technology area of expertise.
• Risk assessment of the impact of threats and vulnerabilities on JPMC technology portfolio.
• Coordination and key participation in the development of the evolving risk position of new technology. For each of the technology areas in focus, this person will be charged with escalating and tracking the individual risk items.
• Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices.
• Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis. Investigate Operational Risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.
• Participate in key portfolio governance forums.
• Provide feedback and coordination with the application risk assessment process.
• Identify risk measures and thresholds for monitoring key risk access controls.

Qualifications:

• BS/BA degree in computer science or equivalent experience.

• 4-7 years or more proven experience in IAM technology engineering or Security architecture or IAM Control Testing with financial services or large consulting services experience.

• Professional certifications such as CISA, CISM, CISSP, GIAC is desirable.

• Demonstrated experience in performing technology and cybersecurity control testing within a complex operational and regulatory environment.

• Understanding of technology control frameworks such as FFIEC standards, FS Profile, FFIEC CAT, COBIT, NIST, PCI-DSS etc.

• Experiential knowledge of current and emerging IAM technologies and tools such as Identity Management Technologies, Authentication system, Federated/SSO systems, Privilege password management system, Directory Services.

• Knowledge of Identity and Access Management controls and practices such as identity and credential management, remote access management, access permissions and authorization, authentications, cloud and third party IAM, privilege access management is highly desirable.

• Proven ability to anticipate and identify risks and effective mitigants.

• Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices

• Confidence to take ideas forward and to challenge others, where appropriate

• An outstanding ability to communicate effectively and confidently (both oral and written)

• Strong interpersonal skills - and ability to interact with colleagues at all levels in a peer-like way, and achieve goals without direct control over resources

• Work well in an unstructured environment with the ability to adapt quickly to change

• Proven ability to execute and deliver results

• Ability to work in a fast paced environment with multiple deliverables

• Openness to an environment of active developmental feedback from peers

• A track record demonstrating a high level of personal initiative, setting and achieving challenging goals, and demonstrating entrepreneurial leadership

• Proficient in Microsoft Products

• High level of professionalism, self-motivation, and sense of urgencyJPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

Equal Opportunity Employer/Disability/Veterans