Cyber Security & Technology Controls (CTC) purpose is to ensure the security and resiliency of the firm's computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the firm's risk posture. The IT Risk team is composed of firm-wide functions (IT Risk Management, Infrastructure Security Solutions, Identity & Access Management, and Application security) as well as business-aligned risk & resiliency management teams that affect the technology risk program across JPMC.
The Associate, Global Cyber Security & Recovery Resiliency Technical Lead will be responsible for partnering with Cybersecurity, LOB Resiliency Leads and technologists across the firm in developing real life scenarios and appropriate solutions where gaps exist, thereby driving the timely and successful execution of the firm wide Recovery and Resiliency strategy within the Cyber Security arena.
The successful candidate will be a technologist who is flexible, resilient, an innovative thinker, as well as a natural collaborator with security architects, engineers, developers and senior management from across the organization. The Technical Lead is expected to lead through influence, communicate effectively through clarity of thought and demonstrated understanding of business and technical requirements. In addition the candidate must possess strong technical leadership skills and demonstrated success in working with teams particularly in a matrix fashion.
Position Key Responsibilities:
* Partner with CTC Cyber testing Simulation, Infrastructure and Application development teams to develop new testing scenarios and maintain existing plans
* Provide key SME leadership within in the CTC Cyber resiliency team on Cyber resiliency programs and initiatives
* Work closely with LOB Security architects and GTI infrastructure technologists to develop remediation solutions, where appropriate
* Ensure all implemented cyber resiliency solutions have validation plans in place including continuous improvement plans
* Ensure that Cyber malware recovery playbooks are clearly defined, documented, communicated, adhered to, and are audit compliant
* Define and implement post-mortem / root-cause analysis processes - develop improved testing scenarios based upon analysis
* Develop and implement cyber resiliency controls to provide continuous monitory of the Firms capability to recover from a malware event
3+ years of strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology , Cloud or Application Security.
Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantages
* Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantages
* Been involved in large scale technology projects from inception to implementation
* Strength in both business and technical requirements analysis
* A good written and verbal communicator
* Ability to think strategically about how to create firm wide solutions to business requirements and ability to communicate effectively to both business and technical audiences
* Ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners, and work effectively in a matrix organization.
* Good analytical and problem solving skills
* Some experience working with external auditors and regulators would be a bonus
Knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS...
Ability to present to audience and manage working group.
Ability to keep abreast with latest threats, attacking techniques and mitigating strategies.
Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
Skill in conducting security design reviews and recognizing vulnerabilities in systems
Prior experience in cybersecurity design / engineering would be advantageous
Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
* Bachelor's degree in Computer Science, or a related field
* CISSP, CISM, CISA, CRISC a bonus
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Equal Opportunity Employer/Disability/Veterans
It's easy, and free! Add jobs from any website! Get recommendations from your friends! Start by adding this job...