Information Security Management - Risk and Control
Location
Mumbai | India
Job description
Job Description
As a Vice President - Information Security Management at JP Morgan Chase within Cybersecurity& Technology Controls organization, we are professionals who are passionate about information security and control solutions for computing environments. Responsibilities include offering guidance, best practices, and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
Job Responsibilities - Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams to deliver customer value and improve security posture
- Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes
- Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps
- Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security
- Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and regional audits
- Interact with Technology Leadership, Product Owners, and Application Development teams on an on-going basis for business as usual risk activities, reporting and project initiatives
- Maintain an understanding of Technology teams strategies, product roadmaps and key investment programs
Required Qualifications, Capabilities, And Skills - Formal training or certification on software engineering concepts and 5+ years applied experience
- Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
- Preparation and delivering of governance materials suitable for regulatory, audit and senior executive consumption
- Ability to challenge teams to ensure risk profile is understood and clearly articulated
- Specialist knowledge of information security and technology controls principles and relevant standards such as Access Management, Application Security, security Incidents and Technology Resiliency Management.
- Proficiency in automation, SDLC and continuous delivery methods
- Advanced understanding of agile methodologies such as CI/CD, Applicant Resiliency, and Security
- Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., cloud, artificial intelligence, machine learning, mobile, etc.)
Preferred Qualifications, Capabilities, And Skills - Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. ITIL, NIST, ISO, PCI, SOC)
- Experience working with diverse global teams to deliver strategic initiatives and commitments, ideally leveraging product and Agile principles
- Collaborate on internal and external technology audits, CCOR Operational Risk Management deep dives and testing, and the ability to advocate on behalf of subject matter experts
- Expertise in Office 365 with proficiency manipulating data in Excel
- Practical cloud native experience
ABOUT US JPMorgan Chase& Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
About The Team The Cybersecurity& Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
Job tags
Salary
