Company name
JPMorgan Chase & Co,
Location
Wilmington, DE, United States
Employment Type
Full-Time
Industry
Manager, It
Posted on
Mar 27, 2020
Profile
Technology Control - Information Security Manager','200020633','!*!
Our
Information Security professionals are passionate about information security
and control solutions for computing environments. While managing a world-class
team of technology experts, you'll partner with one or more disciplines, lines
of business, regions or locations to respond to evolving business requirements
and emerging threats. You'll also leverage your expert knowledge of today's
ever-changing cybersecurity and risk landscape to influence IT operations
across the firm. Responsibilities include offering guidance, best practices and
support across businesses, leading risk reviews and vulnerability assessments,
identifying threats, communicating with senior leaders and other stakeholders,
and managing budgets.
','!*!
This role requires a wide variety of strengths and
capabilities, including:
Bachelor’s
degree or equivalent experience Strong
leadership skills with exceptional communication and presence Advanced
knowledge of multiple IT control and project management practices, and
experience working across large environments Ability
to collaborate with high-performing teams and individuals throughout the firm
to accomplish common goals Expertise
in application and infrastructure high-availability and resiliency
architectures with demonstrated experience in business Proficiency
in information security domains, including policies and standards, risk and
control assessments, access controls, regulatory compliance, technology
resiliency, risk and control governance and metrics, incident management,
secure systems development lifecycle, vulnerability management and data
protection. Foundational
knowledge of operating systems. Intermediate knowledge of cloud
computing, computer network defense, contracting/procurement, cryptography,
enterprise architecture, financial institutions & governments, identity
management, incident management, information assurance, information systems
security certification, information systems. network security, infrastructure
design, legal, government, and jurisprudence, reasoning, requirements analysis,
risk management, security, strategic planning, strategy, systems life cycle,
technology awareness, and vulnerabilities assessment. Develop
and maintain strong business and technology relationships, becoming a trusted
partner to these groups. Develop and
maintain a deep understanding of the business, its underlying processes and the
controls environment across several categories.
Lead the analysis, design, and implementation of products, tools and
technology delivering security and control management capabilities and
services. Creates guidance regarding control-gap remediation and
compensating control issues/breaks with LOB partners. Responsible for
control-related activities: interpreting corporate policies and regulatory
requirements, designing the control in partnership with the Chief Technology
Officers, including how to measure its effectiveness, providing control
implementation support and control validation.
Build and mature a culture focused on the pro-active awareness and
improvement of the risk environment.Identifies
risks; develops and leads executable programs to ensure implementations and
effectiveness of firm-wide and LOB-wide risk management and control
solutions. Drives awareness of regulatory and controls obligations and
ensures timeliness of response. Communicating
risk and other control findings and develop recommendations for resolution;
identifying the root cause and key themes/trends to address issues
broadly. Ensure that technology control
issues and gaps are documented clearly and that realistic remediation plans are
developed to address them, as well as investigating and resolving control
incidents. Interface with Application
Development/Production Management teams on an on-going basis for BAU risk
activities as well as project initiatives.
Partner with Third Party Oversight (TPO) teams to ensure effective risk
management of vendors engaged by technology partners. Provide technical risk
project consultancy for technology teams rolling out new products in the firm
so that they are secure from the start and fully compliant with the firms risk
policies and standards. Interface
with Business Control Managers teams to ensure technology risk impacting the
business is effectively tracked and communicated. Drive multiple controls
assessments by leveraging firm-wide tools CORE/RCSA, Application Risk
Assessment, SOC1, SOX, PCI, ITIL services within the IPM. Develop a risk model/approach to cover
SRE/DevOps, data center migration, application modernization, lower level
environments into Agile approach. Data
Management, Protection and Privacy product: Provide leadership and
services for the technical and physical safeguards of JPMC and client data
while ensuring compliance to data protection and privacy laws and regulations.Ability
to interpret and translate customer requirements into operational cyber
actions. Knowledge of organization's risk tolerance and/or risk management
approach. Knowledge of authentication, authorizations, and access control
methods. Knowledge of the application firewall concepts and
functions. Knowledge of an organization's information classification
program and procedures for information loss.5
years of experience in Technology and preferably within the finance sector, and
2 years of management experience.
Experience working in a matrix management model across globally diverse
virtual teams to deliver strategic initiatives.
Ability to define and manage roadmaps across a large portfolio,
milestones and associated deliverables, and understand financial/budgetary
impact of technical decisions. General knowledge of Consumer and Community
Banking business, and specific knowledge of Credit Card Services business.
The
Cybersecurity & Technology Controls group at JPMorgan Chase aligns the
firm’s cybersecurity, access management, controls and resiliency teams. The
group proactively and strategically partners with all lines of business
and functions to enable them to design, adopt and integrate appropriate
controls; deliver processes and solutions efficiently and consistently; and
drive automation of controls. The group’s number one priority is to enable the
business by keeping the firm safe, stable and resilient.
When you work at JPMorgan Chase & Co., you’re not
just working at a global financial institution. You’re an integral part of one
of the world’s biggest tech companies. In 14 technology hubs worldwide, our
team of 40,000 technologists design, build and deploy everything from enterprise
technology initiatives to big data and mobile solutions, as well as innovations
in electronic payments, cybersecurity, machine learning, and cloud development.
Our $9.5B annual investment in technology enables us to hire people to create
innovative solutions that will not only transform the financial services
industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills
of every employee, and we’re building a technology organization that thrives on
diversity. We encourage professional
growth and career development, and offer competitive benefits and
compensation. If you’re looking to build
your career as part of a global technology team tackling big challenges that
impact the lives of people and companies all around the world, we want to meet
you.
','JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.','Information Risk Management','US-DE-Wilmington-Delaware Tech Center / 59179','','CORPORATE SECTOR','Full-time','Standard','Day Job','','JPMorgan Chase','JPMorgan Chase','Technology Control - Information Security Manager
Company info
JPMorgan Chase & Co,
Website : http://www.jpmorganchase.com