VP, Information Security/Data Protection
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Wilmington, DE 19806
Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you’ll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You’ll also leverage your expert knowledge of today’s ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
This role requires a wide variety of strengths and capabilities, including:
+ Bachelor’s degree or equivalent experience
+ Strong leadership skills with exceptional communication and presence
+ Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
+ Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
+ Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
+ Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection.The Lead ISM drives a robust risk and control environment, including ensuring technology solutions comply with firm wide risk and regulatory requirements, as well as ensuring the TCO organization is appropriately staffed and aligned to support the respective organization.
+ Serve as the primary point of contact/escalation for IT Risk, Cyber and IAM related topics, supporting a LOB CTO and CIO and their respective organizations.Leverage technical knowledge and experience to all aspects of risk and controls management, helping aligned CTO organizations to identify risk, develop remediation plans, and drive remediation efforts including being able to apply controls to the underlying technology landscape.Leverage technical knowledge and experience to all aspects of risk and controls management, helping aligned CTO organizations to identify risk, develop remediation plans, and drive remediation efforts.Ensure adherence with LOB Risk and Controls KRIs, enabling the organization to meet CCB wide targets for controls, including successful audits and audit issue validation targets
+ Partner with peer ISMs, to develop and continuously mature TCO processes and procedures to support the large scale IT Risk and Controls needs of the aligned CTO Sub LOB.Provide mentoring and training to peer and analyst level Technology Controls Officers supporting CTO organizations at scale
+ Provide risk and controls oversight for the CTO Sub line of business migration to internal and public clouds, driving controls adherence and maturity in the process.Support firm wide Cyber Security and Identity/Access Uplift programs, through partnership with CIO/CTO and LOB Cyber Leads.
+ High level understanding and awareness of key regulations such as GDPR, CCPA, GLBA, CCAR, BCBS 239, or TCPA.
+ Knowledge of data governance concepts such as data quality, lineage, entity relationship diagrams, data retention, metadata management.
+ Partner with peers to create a culture of Agile Development adoption, including providing insight and input on how to modify ISM process and procedure to fit an agile development model.Support the LOB Risk and Controls transformational roadmap by ensuring awareness of roadmap goals and executing to meet those goals in partnership with your peer TCOs as well as key interdepartmental contacts and clients.Develop, participate and deliver monthly risk committee updates, including LOB Business and IT Risk and Control committees
+ Promote innovation within the technology control environment driving control optimization, process efficiency, and improved client experience.Strengthen the Banking Technology control environment through education, collaboration, and oversight.Collaborate with Audit, Information Risk Management, business control functions, and the Banking Technology teams to drive transparent, measurable, and sustainable control improvements.Partner closely with business and technology stakeholders providing clear direction and guidance to manage risks, optimize returns, and enhance the client experience
+ Support Risk & Control Self-Assessment (RCSA) process ensuring issues and related action plans are timely documented, assigned, and resolved.Lead Information Security reviews across multiple application areas.Ensure escalation of material issues to senior technology management.Minimum 5 years of people leadership experience.Ability to demonstrate working knowledge of enterprise systems architecture patterns, enterprise application patterns, and cloud microservices implementation.Technology security, risk, and audit experience
+ Experience working with Cloud and Machine Learning Technologies.Strong understanding of Teradata, Hadoop, and Greenplum Platform Infrastructure.Strong understanding of Continuous Integration Processes, within the JPMC Infrastructure and Application Framework preferred.Experience working with geographically dispersed and culturally diverse teams.Proficient with multiple technologies and architectural design principles.Ability to establish good working relationships with team members, colleagues, and external organizations
+ Project management experience, CISSP, CRISC, CISA or other relevant certifications preferred
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.
When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.
JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.