Technology Control - Information Security Manager

Profile

Technology Control - Information Security Manager','200020633','!*!

Our

Information Security professionals are passionate about information security

and control solutions for computing environments. While managing a world-class

team of technology experts, you'll partner with one or more disciplines, lines

of business, regions or locations to respond to evolving business requirements

and emerging threats. You'll also leverage your expert knowledge of today's

ever-changing cybersecurity and risk landscape to influence IT operations

across the firm. Responsibilities include offering guidance, best practices and

support across businesses, leading risk reviews and vulnerability assessments,

identifying threats, communicating with senior leaders and other stakeholders,

and managing budgets.

','!*!

This role requires a wide variety of strengths and

capabilities, including:

Bachelor’s

degree or equivalent experience Strong

leadership skills with exceptional communication and presence Advanced

knowledge of multiple IT control and project management practices, and

experience working across large environments Ability

to collaborate with high-performing teams and individuals throughout the firm

to accomplish common goals Expertise

in application and infrastructure high-availability and resiliency

architectures with demonstrated experience in business Proficiency

in information security domains, including policies and standards, risk and

control assessments, access controls, regulatory compliance, technology

resiliency, risk and control governance and metrics, incident management,

secure systems development lifecycle, vulnerability management and data

protection. Foundational

knowledge of operating systems.  Intermediate knowledge of cloud

computing, computer network defense, contracting/procurement, cryptography,

enterprise architecture, financial institutions & governments, identity

management, incident management, information assurance, information systems

security certification, information systems. network security, infrastructure

design, legal, government, and jurisprudence, reasoning, requirements analysis,

risk management, security, strategic planning, strategy, systems life cycle,

technology awareness, and vulnerabilities assessment.  Develop

and maintain strong business and technology relationships, becoming a trusted

partner to these groups.  Develop and

maintain a deep understanding of the business, its underlying processes and the

controls environment across several categories. 

Lead the analysis, design, and implementation of products, tools and

technology delivering security and control management capabilities and

services.  Creates guidance regarding control-gap remediation and

compensating control issues/breaks with LOB partners.  Responsible for

control-related activities: interpreting corporate policies and regulatory

requirements, designing the control in partnership with the Chief Technology

Officers, including how to measure its effectiveness, providing control

implementation support and control validation. 

Build and mature a culture focused on the pro-active awareness and

improvement of the risk environment.Identifies

risks; develops and leads executable programs to ensure implementations and

effectiveness of firm-wide and LOB-wide risk management and control

solutions.  Drives awareness of regulatory and controls obligations and

ensures timeliness of response.  Communicating

risk and other control findings and develop recommendations for resolution;

identifying the root cause and key themes/trends to address issues

broadly.  Ensure that technology control

issues and gaps are documented clearly and that realistic remediation plans are

developed to address them, as well as investigating and resolving control

incidents.  Interface with Application

Development/Production Management teams on an on-going basis for BAU risk

activities as well as project initiatives. 

Partner with Third Party Oversight (TPO) teams to ensure effective risk

management of vendors engaged by technology partners. Provide technical risk

project consultancy for technology teams rolling out new products in the firm

so that they are secure from the start and fully compliant with the firms risk

policies and standards. Interface

with Business Control Managers teams to ensure technology risk impacting the

business is effectively tracked and communicated. Drive multiple controls

assessments by leveraging firm-wide tools CORE/RCSA, Application Risk

Assessment, SOC1, SOX, PCI, ITIL services within the IPM.  Develop a risk model/approach to cover

SRE/DevOps, data center migration, application modernization, lower level

environments into Agile approach.  Data

Management, Protection and Privacy product:  Provide leadership and

services for the technical and physical safeguards of JPMC and client data

while ensuring compliance to data protection and privacy laws and regulations.Ability

to interpret and translate customer requirements into operational cyber

actions.  Knowledge of organization's risk tolerance and/or risk management

approach.  Knowledge of authentication, authorizations, and access control

methods.  Knowledge of the application firewall concepts and

functions.  Knowledge of an organization's information classification

program and procedures for information loss.5

years of experience in Technology and preferably within the finance sector, and

2 years of management experience. 

Experience working in a matrix management model across globally diverse

virtual teams to deliver strategic initiatives. 

Ability to define and manage roadmaps across a large portfolio,

milestones and associated deliverables, and understand financial/budgetary

impact of technical decisions. General knowledge of Consumer and Community

Banking business, and specific knowledge of Credit Card Services business.

 

The

Cybersecurity & Technology Controls group at JPMorgan Chase aligns the

firm’s cybersecurity, access management, controls and resiliency teams. The

group proactively and strategically  partners with all lines of business

and functions to enable them to design, adopt and integrate appropriate

controls; deliver processes and solutions efficiently and consistently; and

drive automation of controls. The group’s number one priority is to enable the

business by keeping the firm safe, stable and resilient.

When you work at JPMorgan Chase & Co., you’re not

just working at a global financial institution. You’re an integral part of one

of the world’s biggest tech companies. In 14 technology hubs worldwide, our

team of 40,000 technologists design, build and deploy everything from enterprise

technology initiatives to big data and mobile solutions, as well as innovations

in electronic payments, cybersecurity, machine learning, and cloud development.

Our $9.5B annual investment in technology enables us to hire people to create

innovative solutions that will not only transform the financial services

industry, but also change the world. 

At JPMorgan Chase & Co. we value the unique skills

of every employee, and we’re building a technology organization that thrives on

diversity.  We encourage professional

growth and career development, and offer competitive benefits and

compensation.  If you’re looking to build

your career as part of a global technology team tackling big challenges that

impact the lives of people and companies all around the world, we want to meet

you. 

','JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.','Information Risk Management','US-DE-Wilmington-Delaware Tech Center / 59179','','CORPORATE SECTOR','Full-time','Standard','Day Job','','JPMorgan Chase','JPMorgan Chase','Technology Control - Information Security Manager

Company info

JPMorgan Chase & Co,
Website : http://www.jpmorganchase.com