Job Description Summary
As an member of Cybersecurity and Technology Controls, the quest to find new and innovative technological solutions to protect our assets, data and people is what drives you. You'll lead a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. You'll share your expertise, thought leadership and overall guidance and support, both with your team and across all our business and technology groups. You'll deploy best practices, implement new policies, and embrace emerging trends to strengthen our strategic roadmap. Finally, you will lead by example and earn the trust of the internal team, collaborators from around the world working in our global team of technologists and innovators, senior management, and, the people and companies whose assets we manage and protect.
Responsibilities
The Information Security Manager (ISM) is responsible for coordinating the organization, framework, program and approach for the JPMC security architecture, policies, standards, risk assessments, monitoring, and certification around technology. This role engages in areas of development, design, and monitoring of corporate and world-wide control programs and acts as a liaison between management, the Lines of Business, internal and external audit and regulators.
Role is part of the Cybersecurity & Technology Controls organization. The group is a risk partner and consultant to the Consumer and Community Banking Home Lending and Auto technology teams and businesses. The ideal candidate will lead a team of cybersecurity and risk professionals accountable for driving control design and implementation in line with policies and standards, and targeting prioritized solutions/architectures to reduce risk.
Key responsibilities include:

• Technology Risk Application Control Assessments
• Cybersecurity Control Assessments
• Risk and Control incidents/events management
• Oversight of internal Audit and Regulatory management
• IT General Risk and Control (GRC) assessments and programs
• Recognize security needs and recommend suitable technologies and controls
• Build and mature a culture focused on the pro-active awareness and improvement of the risk environment.
• Deep understanding of the business, its underlying processes and the controls environment
• Partner with Third Party Oversight (TPO) teams to ensure effective risk management of vendors engaged by technology partners
• Executive Management presentations, reports & KRI/KPI metrics - effectively communicate information to technical and non-technical partners and stakeholders

Requirements

• BS/BA degree or equivalent experience

• 12+ year's technology experience across a broad range of architectures. With hands on experience leading, designing and delivering technology solutions.
• 10+ years' work experience in the area of technology risk management and auditing of computer and application controls
• Project management skills, with proven ability to deliver quality results in a deadline-driven environment
• Strong understanding of corporate governance structures and how they function.
• A strong sense of ownership, attention to detail and commitment to quality
• Excellent written, oral and presentation communication skills
• Excellent interpersonal, negotiation and influencing skills
• Relevant IT Control Certification(s) (e.g. CISA, CRISC, CISM, CGEIT) preferred but not mandatory. .
• Advanced expertise in Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies, tactics and strategy to protect, detect, respond and recover from attacks
• Deep fluency in national and international laws, regulations, policies and ethics related to financial industry Cybersecurity
• Seasoned command of multiple disciplines, optimizing Cybersecurity products and services through the lifecycle
• Recognized expertise in Cybersecurity and Agile, creating competitive advantage through the application of leading-edge technologies and methodologies
• Strategically oriented and can influence at the group and Firm level as needed
• Expertise in working in partnership with colleagues throughout the firm, and in leading collaborative teams to achieve common goals

About Us JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the "WELL Health-Safety Rating" for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.
As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. These requirements may include sharing information in the firm's vaccine record tool, vaccination or regular testing, mask wearing, social distancing and daily health checks. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests.
Equal Opportunity Employer/Disability/Veterans
About the Team The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.