Information Security Manager - Executive Director

Jpmorgan Chase & Co. Wilmington , DE 19801

Posted 4 weeks ago

Information Security Manager - Executive Director

Req #: 190059296

Location: Wilmington, DE, US

Job Category: Technology

Job Description:

JPMorgan Chase is seeking an ED, Information Security Manager (ISM), to support the CCB OPT team. This position will report to the Managing Director of CCB & AWM CTC Governance and Controls; CTC ISM Lead. The role will support the CCB OPT Leaders, serving as a member of the leadership team for the LOB, as well as the LOB Cybersecurity, Risk and Control leadership team.

The person best suited for this position will be a highly independent and self-motivated individual, with excellent communication skills. The role will require working within a Global team, and to become embedded into the OPT team, working alongside as a trusted partner on all security matters.

Responsibilities include:

  • Ensure strategic alignment between the Risk Management and Tech Control priorities, while still seeking to enable the business and achieve strategic priorities

  • Serve as a thought leader within Risk Management and contribute to the development of the strategic planning

  • Serve as the primary relationship manager for the technology leads across CCB OPT, ensuring two-way communication and awareness of ongoing priorities, potential issues, and new initiatives

  • Lead a team of 6-9 ISMs, including daily management and project delivery; manage skillset development of ISM resources to ensure the OPT team is supported with the right skillsets

  • Ensure adherence with LOB Risk and Controls KRIs, enabling the organization to meet CCB wide targets for controls, including successful audits and audit issue validation targets

  • Provide oversight for the transformational initiatives within OPT, including but not limited to Cloud, IAM, and Vulnerability Management, to ensure risk management and control adherence

  • Develop, prepare, and present regular updates, including LOB Business and IT Risk and Control committees

  • Ensure visibility and understanding of key compliance and regulatory requirements within the environment, such as PCI

  • Maintain an understanding of the firm-wide compliance obligations, while applying a knowledgeable line of business view to how they apply and operate within the context of a line of business unit

  • Support firm wide Controls & Operational Risk Evaluation (CORE) process ensuring issues and related action plans are timely documented, assigned, and resolved

  • Collaborate with Audit, Operational Risk Oversight, business control functions, and the Consumer Operations Technology teams to drive transparent, measurable, and sustainable control improvements

  • Experience leading a team of 5+ individuals

  • 3+ years working in Risk Management or Technology Controls environment

  • 5+ years working in an IT Operations environment

  • Demonstrated success working across diverse technology and business teams

  • Stakeholder engagement skills and ability to interact with all levels of management.

  • Problem resolution with technology and business stakeholders.

  • Written, verbal communication and listening skills.

  • Strategic thinking/leadership drive the big picture and target state, skills to define goals, success and measurements, can lead initiatives with good ability to direct and lead CTC ISMs and Technology teams towards defined goals.

  • Ability to work effectively in a global team environment and operate in a matrixed organization.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Assessment Lead

Jpmorgan Chase & Co.

Posted 2 weeks ago

VIEW JOBS 7/4/2019 12:00:00 AM 2019-10-02T00:00 Information Security Assessment Lead Req #: 190047100 Location: Wilmington, DE, US Job Category: Technology Job Description: JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at The Cybersecurity & Technology Controls (CTC) organization has aligned our cybersecurity, access management, and controls and resiliency teams to accelerate the adoption of the Global Technology (GT) Vision and as a function become a strategic enabler for the businesses we support. CTC will proactively help the firm and put into place the capabilities and solutions necessary to become a leading technology company from a technology controls, resiliency and information security standpoint. POSITION SUMMARY: As a Vice President your primary responsibility will be to support firmwide cross-line of business Infrastructure Controls (ICA) and Application Risk (ARA), conduct various assessments tests and communicate test results with the appropriate stakeholders. You may be in a single contributor role or you may lead a team either directly or in a matrix arrangement. You will play an important role in engaging respective Assessment Leads / Information Security Managers in the business areas to assess risk and with respective technology and business partners. You will have an eye for detail and an ability to see the big picture and recognize need to assess control issues more broadly and across groups. Your support of the Application Risk Assessment program requires working with Application Development teams to provide oversight of the controls and suitable remediation plans. The role will also require strategic thinking to drive efficiencies in the way we do our various assessments across the firm as we move towards a Continuous Controls Monitoring (CCM) and apply other compliance automation tools. You may work on other assessment programs such as Sarbanes-Oxley (SOX) and Graham-Leach-Bliley (GLBA), and Risk and Control Self Assessment (CORE). PRIMARY DUTIES AND RESPONSIBILITIES: * Assist with the annual firm wide technology risk controls assessment program, test and evaluate the evidence of the controls and identify any significant control deficiencies working with the appropriate Assessment Leads / Information Security Managers to identify appropriate remediation to improve the controls as necessary. * Assist with other annual technology compliance and risk assessment programs for Global Technology, including setting up workshops to identify inherent risk and to request appropriate evidence for Controls * Test the evidence of the controls and document test results. * Conduct Application Risk Assessments (ARA) to gather risk specific information about technology application. * Support the Application Control Testing program including initial interviews regarding standard controls usage for applications in scope; assist with the identification and testing of shared controls. Perform testing of the evidence submitted to validate it justifies control effectiveness. * Work with technology teams to gather control design requirements and facilitate discussions to bring to closure identified control issues. * Advise Lines of Business (LOBs), based on the testing performed, to ensure compliance with the Firm's guidelines. * Evaluate findings and communicate issues and best practices with the rest of the team and management. * Perform Quality Assurance functions within the testing program and interface with the Quality Assurance group to improve assessments and address and close findings. * Work actively with the Assessment Leads / Information Security Managers on guidance on IT-related issues. * Participate in additional key control projects related to the overall enhancement of the assessment function. * Support internal education and share best practices with team and peers and colleagues and provide information security education & awareness, as needed. QUALIFICATIONS: * Bachelor's degree preferably in Computer Science or Information Technology. * Minimum 5 years internal or external technology audit or risk assessment experience * Have a strong background in audit and technology risk assessment processes and an understanding of internal controls * Have an ability to effectively develop and communicate recommendations based on various technology compliance and control assessment results. * Experience in software application assessment and control testing. * Be detail oriented with ability to evaluate processes, controls and issues to determine the risks. * Have an ability to maintain high standards with a drive to achieve the right answer in difficult and/or ever changing situations. * Can work independently, collaborate within or lead a team and is comfortable working in a matrixed management environment and dual-reporting scenarios * Proficient verbal and written communication skills, including the ability to effectively lead discussions and meetings with internal management, external / internal audit and peer groups. * Strong interpersonal skills - verbal communications, written communications, and a good track record of collaboration. * Proficient in MS Office - Microsoft Word, Excel, Access, PowerPoint and agile methodologies like Kanban and Scrum. * Basic project management skills. * CRISC, CISA or other industry-recognized risk certifications preferred. * Should have reasonable knowledge of US, EMEA, and APAC technology regulatory requirements. Jpmorgan Chase & Co. Wilmington DE

Information Security Manager - Executive Director

Jpmorgan Chase & Co.