Assessments & Exercises Director - Strategy, Transformation, and Governance Lead

Posted 16 Hours Ago
Be an Early Applicant
Wilmington, DE
Hybrid
Senior level
Financial Services
We’re one of the world’s biggest technology-driven companies
The Role
As the Assessments & Exercises Director, you will lead the firm’s cybersecurity strategies, manage resilience initiatives, and enhance security posture through advanced assessments. You will also oversee operational efficiency, collaborate with stakeholders, and drive strategic initiatives while managing vendor relationships and budget allocation.
Summary Generated by Built In

Job Description
Spearhead cutting-edge security strategies and resilience initiatives, shaping the future of cybersecurity.
As an Assessments & Exercises Director in the Cyber and Tech Controls line of business, you will lead key efforts to enhance the firm's cybersecurity or resiliency posture. Plan and implement testing engagement to proactively identify risks and vulnerabilities in people, processes, and technology using advanced assessment methodologies and techniques. Spearhead the resolution of the most complex cyber and resiliency risks facing the firm, drawing on your extensive experience in conducting assessments across different systems, networks, and architectures. Your ability to analyze and articulate the inner workings of complex vulnerabilities will enable the firm to enhance its security strategy and mitigate cyber and resiliency risks.
JPMC's Assurance Operations organization is seeking a dynamic and strategic leader to fill the organization's Strategy, Transformation, and Governance Lead position. This role is pivotal in driving the transformation and operational efficiency of Assurance Operations, with a focus on optimizing delivery processes, enhancing communication with our stakeholders, and managing regulatory and audit requests. The Strategy Lead will provide strategic support and direction to the firm's internal team of highly skilled Offensive Security testers who conduct cybersecurity assessments (e.g. Red Team, Purple Team, Penetration Testing) to replicate cybersecurity threats targeting the firm. The Strategy Lead will lead a small team and be responsible for developing standardized intake and prioritization processes, managing vendor relationships, and overseeing budget and resource allocation. The ideal candidate will have a proven track record in strategic leadership, regulatory engagement, and operational management, with the ability to foster collaboration and drive strategic initiatives across the organization. This role requires excellent communication skills, a strong understanding of cybersecurity assessments, and the ability to manage complex projects and teams effectively.
Job responsibilities

  • Develop and implement operational plans and strategies that align with broader functional and organizational objectives (such as the needs of the business and regulatory expectations)
  • Lead the successful execution of risk-driven testing and simulations - such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations - and the development of comprehensive assessments reports including actionable recommendations, report to leadership assessment outcomes (including controls effectiveness and operational risk) and escalate thematic trends in observations
  • Influence and partner with cross-functional teams to make data-driven decisions that lead to continuous improvement
  • Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations and lead engagement with internal and external stakeholders - including industry peers and government agencies - to share insights and contribute to the development of cybersecurity and resiliency policies


Required qualifications, capabilities, and skills

  • 7+ years of experience in cybersecurity or resiliency, with demonstrated ability to implement complex assessments or exercises collaboratively with diverse stakeholders, subject matter experts, and senior leaders
  • Proven ability with at least 4+ years of experience managing teams of technical staff, or ability to create long term strategic plans, and experience conducting process improvement based on operational lessons learned and threat intelligence inputs. Should have a strong understanding of networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, system and software vulnerabilities and exploitation techniques, and web application vulnerabilities and exploitation techniques
  • Technical knowledge or experience developing in house scripting, using interpreted languages such as Ruby, Python, or Perl, compiled languages such as C, C++, C#, or Java, and security tools or technology such as Firewalls, IDS/IPS, EDR, Web Proxies, DLP and the ability to articulate and visually present complex Penetration Testing and Red Team results
  • Strong understanding of the current threat landscape and resiliency concerns, national and international laws, regulations, policies, and ethics related to cybersecurity or resiliency
  • Demonstrated expertise in security assessment methodologies, threat intelligence utilization, control evaluation techniques, or resiliency testing
  • Experience developing and presenting briefings to senior leaders and large audiences, in addition to meeting facilitation, conflict resolution, and providing program updates to senior leaders, regulators, and industry groups


Preferred qualifications, capabilities, and skills

  • BS/MS degree or equivalent
  • Intelligence Community background or understanding of the financial sector or other large security and IT infrastructures
  • Possess relevant industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Offensive Security (OSCP, OSEP, OSED, OSEE, OSCE), SANS (GPEN, GXPN, GWAPT), CREST/Tiger Scheme Certified Tester, and detailed knowledge of current international best practices in privacy and information security


About Us
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

What the Team is Saying

Nick S.
Lupe C.
Edwin T.
Dawn T.
Meng M.
The Company
HQ: New York, NY
289,097 Employees
Hybrid Workplace
Year Founded: 1799

What We Do

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $3.7 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands.

Technology fuels every aspect of our company and is at the heart of everything we do. With over 50,000 technologists globally and an annual tech spend of $12 billion, we are dedicated to improving the design, analytics, development, coding, testing and application programming that goes into creating high quality software and new products.

Learn more about technology at our firm, explore resources from our Distinguished Engineers, AI & ML researchers, and other experts; access the latest episode of our TechTrends podcast, and more at www.jpmorgan.com/technology. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.

©2023 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans.

Why Work With Us

Our technologists work on a diverse range of solutions that include strategic technology initiatives, big data, mobile, electronic payments, machine learning, cybersecurity, enterprise cloud development, and other state-of-the-art technologies.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

JPMorganChase Teams

Team
Product + Tech
About our Teams

JPMorganChase Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
Company Office Image
HQNew York, NY
SG
Bengaluru, Karnataka
Bournemouth, GB
Brooklyn, NY
Buenos Aires, Avaya
Chicago, IL
Dallas, TX
Dublin, IE
Glasgow, GB
Houston, TX
Hyderabad, Telangana
London, GB
Mumbai, Maharashtra
Philadelphia, PA
San Francisco, CA
Tampa, FL
Westerville, OH
Wilmington, DE
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account