J.P. Morgan's Corporate & Investment Bank (CIB) is a global leader across banking, markets and investor services. The world's most important corporations, governments and institutions entrust us with their business in more than 100 countries. With $18 trillion of assets under custody and $393 billion in deposits, the Corporate & Investment Bank provides strategic advice, raises capital, manages risk and extends liquidity in markets around the world.
The Cybersecurity & Technology Controls (CTC) group at JPMorgan Chase aligns the firm's cybersecurity, access management, technology controls and resiliency teams. The group proactively and strategically partners with Corporate Investment Bank, other lines of business and Corporate functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm and our client's data safe, stable and resilient.
The CIB CTC Investor Services Information Security Manager will be responsible for managing the technology, operational and regulatory risks related to their supported business and applications. The Investor Services ISM will be expected to work cohesively with other CTC and CIB control functions, including but not limited to software developers, business control managers, compliance, internal audit & external regulators.
Provide leadership to review, analyze impact of and implement technology controls to meet existing and new global regulatory requirements
Assist in the development and implementation of the Firm's technology policies, standards, procedures, control guidance and training
Evaluate technology risks across the various business process flows, including application design, development, testing practices, as well as technology control design, operation and validation
Lead and participate in programs to evolve and improve the Investor Services cybersecurity and technology control practices and control environments across CIB
Help to develop a risk and control culture focused on the pro-active awareness and improvement of the Investor Services control environments
Provide governance and oversight of technology risk and controls in partnership with CIB Investor Services technology executives, providing senior management with transparency on identified key risks, issue management and remediation activities
Develop and maintain strong business and technology relationships, becoming a trusted partner, as well as building relationships with corporate functions such as Audit, Compliance, Risk and Corporate IT Risk teams
Dem onstrated knowledge of technology and application risk and controls management as a practitioner
Knowledge of various control frameworks (e.g., FFIEC, COBIT, NEST)
Experience in application security controls (design and/or execution)
Knowledge of Software Development Life Cycle, control requirements and compliance assessments
Strong project management and execution skills for driving enterprise-wide risk initiatives
Excellent written, oral and presentation communication skills
Excellent interpersonal, negotiation and influencing skills
Audit testing experience preferred but not required
Proficient in the use of Microsoft Office
Knowledge of programming languages (e.g., C/C++, Java, Python ) is a plus
Knowledge of broker-dealer regulatory requirements (e.g., FINRA, NYSE, SEC) is a plus
10+ years' experience in technology or IT risk management, preferably for financial institution and/or strong background in IT Risk Advisory