The Security Incident & Event Monitoring (SIEM) security product team is in charge of setting the strategy, getting buy-in across the organization, and being the drum beat for the execution engine. This includes:
Leading complex and firm wide scale SIEM product developments that work across business partners.
Ensure integration with our other key product domains including Cloud, Network, Endpoint and App Security.
Develop and maintain multi-year, risk-based product roadmap that clearly represents key deliverables, dependencies & benefits.
Ensure the accepted product backlog is in place, visible, and managed as capacity and capability is available.
Align audit & regulatory commitments to products.
Ensure all commitments are mapped to Product book of work and prioritized.
Ensure product controls are aligned to and assessed against the firms Threat Scenarios and Risk Framework to model a comprehensive view of control gaps and effectiveness.
Engage stakeholders in the LOBs to identify needs and map it to network product roadmap to reduce risk..
Evangelize the Product & ensure key Content is readily available to key stakeholders & users
Requirements
5+ years of experience in a product/program management role within enterprise technology and more specifically - Cybersecurity.
Solid understanding of the end-to-end information technology (IT) process, including architecture, design & engineering, implementation, and operations
Demonstrated success in a Product Management construct with an emphasis on information security solutions in a Cloud based environment.
Breadth and depth of vendor management and selection
Proven ability to provide product management artifacts and deliverables such as roadmaps, product overviews, reports, backlog and documentation.
Knowledge of the latest security and intelligence trends with subject matter expertise in 2 or more SIEM
Technologies such as:
Splunk (required)
ArcSight
QRadar
LogRythm
Alien Vault
RSA
Additional skills background
Security Operations Center (SOC) hands-on operations experience is a plus
Prior hands-on software development or engineering experience is preferred - scripting language (i.e. Perl, Python, Powershell, Bash, et al) experience highly desired
Active professional security certifications (i.e. CISSP or other industry qualification) preferred
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity - FISMA, PCI, NIST.
Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
Expertise in Agile and can work with at least one of the common frameworks
Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
