Information Security Management, Cybersecurity & Technology Controls - Vice President
March 5, 2020
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm?s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group?s number one priority is to enable the business by keeping the firm safe, stable and resilient.
Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
This is an experienced VP level role for a ISM (Information Security Manager) based in Hong Kong providing IT Risk leadership for the AWM Technology and Business in the region.
This role requires a wide variety of strengths and capabilities, including:
Bachelor?s degree or equivalent experience
Strong leadership skills with exceptional communication and presence
Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection
Extensive Risk Management experience and knowledge in financial institution
Extensive experience presenting risk and control agenda to senior management
Regulatory experience within Asia Pacific in a risk and control function, experience dealing with regional regulators preferred
Deep understanding of business knowledge specifically in the Asset and Wealth Management area
Process improvement and project management experience
Application Risk and Control specialist (alternative - Operational Risk or Information Security experience and knowledge with highly analytical skills)
Manage and monitor the IT Risk posture for our AWM teams by providing management with transparency over what the key risks are and how they can be addressed. ? Coordinate or participate all relevant IT Risk activities (e.g. regulatory inspections and assessments control testing monitoring reporting, internal audits and remediation activities). ? Act as a subject matter expert in relation to IT Risk Control and Security. ? Develop and maintain strong business and technology relationships, to become a trusted partner as well as foster collaborative relationships with various Lines of Business operating in the region, Corporate functions such as Audit Corporate IT Risk and Global Technology Infrastructure. ? Participate in or lead programs to improve or remediate the control environment across the region. ? Interpret regulatory requirements and corporate policies communicate these clearly alongside current status and provide oversight of compliance as required
? 10+ years IT experience, the majority of which should be in front office technology at a financial institution. ? 3 years? experience in IT Risk and Control or Information Security role preferably in the financial services sector. ? Demonstrated experience working with the regulators in the region, articulate in local regulations and laws pertaining to IT Risk is preferred. ? Superior stakeholder engagement skills, including ability to influence senior management. ? A demonstrable track record of successfully working with ambiguity, poorly defined problems and drive change. ? Excellent negotiation and influencing skills. ? Strong decision making capability. ? Excellent written and oral communication skills in both English and preferably in Chinese also.
? Extensive experience in technology or IT risk management preferably for financial institution and/or strong background in IT Risk Advisory. ? Demonstrated capability of designing and implementing cross-functional programs; strong project management skills. ? Track record of implementing successful risk or technology management solutions. ? Track record of developing and maintaining senior-level stakeholder relationships. ? Industry qualification e.g. CISA, CISSP, CISM, CRISC.
When you work at JPMorgan Chase & Co., you?re not just working at a global financial institution. You?re an integral part of one of the world?s biggest tech organizations. In our global technology centers, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $11B annual investment in technology enables us to hire people to create innovative solutions that are transforming the financial services industry.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we?re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you?re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.