1+ months

JPMorgan Chase & Co.
Wilmington, DE 19801
  • Job Code
    200020633

Technology Control - Information Security Manager

Job Description

Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.


This role requires a wide variety of strengths and capabilities, including:

  • Bachelor’s degree or equivalent experience

  • Strong leadership skills with exceptional communication and presence

  • Advanced knowledge of multiple IT control and project management practices, and experience working across large environments

  • Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals

  • Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business

  • Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection.

  • Foundational knowledge of operating systems.  Intermediate knowledge of cloud computing, computer network defense, contracting/procurement, cryptography, enterprise architecture, financial institutions & governments, identity management, incident management, information assurance, information systems security certification, information systems. network security, infrastructure design, legal, government, and jurisprudence, reasoning, requirements analysis, risk management, security, strategic planning, strategy, systems life cycle, technology awareness, and vulnerabilities assessment. 

  • Develop and maintain strong business and technology relationships, becoming a trusted partner to these groups.  Develop and maintain a deep understanding of the business, its underlying processes and the controls environment across several categories.  Lead the analysis, design, and implementation of products, tools and technology delivering security and control management capabilities and services.  Creates guidance regarding control-gap remediation and compensating control issues/breaks with LOB partners.  Responsible for control-related activities: interpreting corporate policies and regulatory requirements, designing the control in partnership with the Chief Technology Officers, including how to measure its effectiveness, providing control implementation support and control validation.  Build and mature a culture focused on the pro-active awareness and improvement of the risk environment.

  • Identifies risks; develops and leads executable programs to ensure implementations and effectiveness of firm-wide and LOB-wide risk management and control solutions.  Drives awareness of regulatory and controls obligations and ensures timeliness of response. 

  • Communicating risk and other control findings and develop recommendations for resolution; identifying the root cause and key themes/trends to address issues broadly.  Ensure that technology control issues and gaps are documented clearly and that realistic remediation plans are developed to address them, as well as investigating and resolving control incidents.  Interface with Application Development/Production Management teams on an on-going basis for BAU risk activities as well as project initiatives.  Partner with Third Party Oversight (TPO) teams to ensure effective risk management of vendors engaged by technology partners. Provide technical risk project consultancy for technology teams rolling out new products in the firm so that they are secure from the start and fully compliant with the firms risk policies and standards.

  • Interface with Business Control Managers teams to ensure technology risk impacting the business is effectively tracked and communicated. Drive multiple controls assessments by leveraging firm-wide tools CORE/RCSA, Application Risk Assessment, SOC1, SOX, PCI, ITIL services within the IPM.  Develop a risk model/approach to cover SRE/DevOps, data center migration, application modernization, lower level environments into Agile approach.  Data Management, Protection and Privacy product:  Provide leadership and services for the technical and physical safeguards of JPMC and client data while ensuring compliance to data protection and privacy laws and regulations.

  • Ability to interpret and translate customer requirements into operational cyber actions.  Knowledge of organization's risk tolerance and/or risk management approach.  Knowledge of authentication, authorizations, and access control methods.  Knowledge of the application firewall concepts and functions.  Knowledge of an organization's information classification program and procedures for information loss.

  • 5+ years of experience in Technology and preferably within the finance sector, and 2+ years of management experience.  Experience working in a matrix management model across globally diverse virtual teams to deliver strategic initiatives.  Ability to define and manage roadmaps across a large portfolio, milestones and associated deliverables, and understand financial/budgetary impact of technical decisions. General knowledge of Consumer and Community Banking business, and specific knowledge of Credit Card Services business.

 

The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically  partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.

When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world. 

At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity.  We encourage professional growth and career development, and offer competitive benefits and compensation.  If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you. 


Req #: 200020633
Location: Wilmington, DE US
Job Category: Technology
Employment Type: Full Time
Potential Referral Amount: 5000 US Dollar (USD)


Keyword: card%20services

Categories

Posted: 2020-03-27 Expires: 2020-06-03

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

JPMorgan Chase & Co.
Wilmington, DE 19801

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast