JP Morgan Chase
Information Security Manager (ISM)
Req #: 190052959
Location: Lewisville, TX, US
Job Category: Technology
The Global Cybersecurity and Technology Controls (CTC) organization ensures the security and resiliency of the Firm's computing environment, enabling it to protect customer and employee confidential information, and comply with regulatory and audit requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high-quality security solutions and services that are focused on improving the Firm's risk posture.
The Governance & Control (G&C) organization within CTC is seeking an accomplished and seasoned individual to drive a robust risk and control environment for Global Identity & Access
Management (GIAM), ensuring technology solutions comply with Firmwide risk, controls and regulatory requirements.
The Information Security Manager (ISM) for GIAM will have a comprehensive understanding of the overall GIAM risk and control environment and instill appropriate governance to manage and proactively identify issues and changes in the risk profile of the underlying systems. The Information Security Manager (ISM) will support the Application Development Managers (ADM)/ Application Owners (AO) in understanding the end-to-end risk posture of the applications and infrastructure to ensure appropriate controls are implemented for existing systems, new application development, and ongoing enhancements.
* Drive a risk mitigating culture within GIAM aligned to proactively identify, assess, and manage inherent risks within technology and services.
* Promote innovation within the technology control environment driving control optimization, process efficiency, and improved client experience.
* Strengthen the GIAM control environment through education, collaboration, and oversight.
* Drive effective risk mitigating controls designed, deployed, and monitored by the application owners, developers, and support teams.
* Develop an integrated technology control framework maintaining the appropriate balance between risk mitigation, product growth, and financial returns.
* Collaborate with Audit, Information Risk Management, business control functions, and the GIAM teams to drive transparent, measurable, and sustainable control improvements.
* Partner closely with business and technology stakeholders providing clear direction and guidance to manage risks, optimize returns, and enhance the client experience.
* Proactively work with technology and product managers to identify potential issues and ensure effective remediation.
* Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues.
* Proactive engagement with other LOB Technology Control Officers and IAM Leads.
* Active engagement in risk assessments and control substantiation.
* Collaborate with ADMs/AOs on Internal Audits, SSAE16, SOX, and regulatory assessments.
* Support Risk & Control Self-Assessment (RCSA) process ensuring issues and related action plans are timely documented, assigned, and resolved.
* Drive the Technology Control education agenda.
* Lead Technology Control forums across multiple application areas.
* Ensure escalation of material issues to senior management.
This role requires a wide variety of strengths and capabilities, including:
* 10+ years of technology leadership experience.
* 5+ years of Identity Access Management, technology security, risk, and audit experience.
* Familiarity with ITIL framework and processes.
* Strong written and verbal communication skills.
* Strong ability to articulate ideas and results in a meaningful and actionable manner
* Flexible, adaptable to shifting priorities; eagerness to work in a fast-paced, results driven, highly dynamic environment
* Experience working with geographically dispersed and culturally diverse teams.
* Proficient with multiple technologies and architectural design principles.
* Proven ability to build strong partnerships with colleagues, desire to learn quickly, be flexible and think strategically
* Demonstrated analytical and problem solving skills.
* Experience in business process analysis, documenting gaps and process standardizations. .
* Experience identifying strategic improvements and delivering measurable change.
* Certifications such as CISSP, CISM, CRISC, CISA are preferred.
* Experience working in a Cloud Computing environment is a plus.
* Strong organizational skills with ability to effectively multitask.
* Strong interpersonal skills, exceptional relationship building and influencing skills and ability to effectively partner with all levels of management across numerous teams to help drive the control agenda
* Bachelor's degree, specialized training, or equivalent work experience.
When you work at JPMorgan Chase & Co., you're not just working at a global financial institution. You're an integral part of one of the world's biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we're building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you're looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.
It's time to take your career to the next level, and we can help. Apply today.
About JP Morgan Chase
JP Morgan Chase & Co. is a global financial services provider that offers investment banking, asset management, treasury and other services.