JPMorgan Chase is a leading global financial services firm with assets of $2.5 trillion and operations in more than 60 countries. The firm is a leader in investment banking, commercial banking, financial services for small business and consumers, financial transaction processing, asset management and private equity.
The Technology & Cyber Security Operational Risk Management (Tech & Cyber ORM) is a firm-wide group within Risk with oversight responsibility for the implementation of the JPMC Operational Risk Management Framework (ORMF) for Global Technology. The Tech & Cyber ORM provides an independent view of Technology & Cyber risk to the firm's management and Board of Directors.
Tech & Cyber ORM is seeking talented candidates to support the ongoing development and successful execution of the Tech & Cyber ORM Program, including having a critical role in key initiatives, senior management business presentations, governance of the program and the overall strategy. They work closely with internal partners, including Compliance, Finance, Audit, Legal, Controls, and Human Resources.
The position represents an excellent opportunity for candidates to:
* Drive execution of the group's regulatory risk activities
* Develop expertise in Technology and Cyber Security
* Partner across Independent Risk Management, with Operational Risk and Compliance
Key responsibilities include:
* Develop and execute test of key information and cybersecurity controls.
* Document and review testing work papers, including planning and reporting document, test sheets, risk and control matrix to ensure clear identification and communication of risk, controls, test of controls and issues prior to presentation to senior management.
* Provide proactive consultation in identifying technology and cyber risk exposure and in evaluating solutions for control weakness and regulatory compliance issues.
* Work directly with the appropriate technology functional areas to identify areas with potentially elevated risk concentrations and perform deep dive investigations into the corresponding inherent risks and mitigating controls
* Evaluate the adequacy and timeliness of management's response and corrective action taken on all significant issues noted during testing.
* 3 - 5 years of technology and cybersecurity control testing experience.
* Professional certifications such as CISA, CISM, CISSP, GIAC
* Demonstrated experience in performing technology and cybersecurity control testing within a complex operational and regulatory environment.
* Understanding of technology control frameworks such as COBIT, NIST, ISO27001
* Proven ability to perform test of controls (design and operating effectiveness) that safeguards Information Assets e.g. Change Management, Identity and Access Management, Third Party, Encryption, Vulnerability Assessment, Configuration Management, Patching, Network Security, Secure SDLC, Incident Response, Physical Security, Disaster Recovery.
* Experiential understanding of key technologies such as databases, firewalls, authentication and authorization systems, web applications, cloud technologies, virtualization etc.
* Proven ability to anticipate and identify risks and effective mitigants.
* Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices
* Confidence to take ideas forward and to challenge others, where appropriate
* An outstanding ability to communicate effectively and confidently (both oral and written)
* Strong interpersonal skills - and ability to interact with colleagues at all levels in a peer-like way, and achieve goals without direct control over resources
* Work well in an unstructured environment with the ability to adapt quickly to change
* Proven ability to execute and deliver results
* Ability to work in a fast paced environment with multiple deliverables
* Openness to an environment of active developmental feedback from peers
* A track record demonstrating a high level of personal initiative, setting and achieving challenging goals, and demonstrating entrepreneurial leadership
* Proficient in Microsoft Products
* High level of professionalism, self-motivation, and sense of urgency
About Jpmorgan Chase & Co.
JP Morgan Chase is a financial services provider that offers investment banking, asset management, treasury, and other services.