Risk - Technology Operational Risk Management Lead - Vice President

As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As a Cybersecurity Operational Lead, you will work within the Compliance, Conduct, and Operational Risk (CCOR) team to collaborate with 1st, 2nd, and 3rd Lines of Defense (LOD) to assess and evaluate global cybersecurity risks to the JP Morgan Chase technology estate. You will need to have previous hands-on experience operating or implementing security controls and tools as well as an understanding of how security risks are managed at strategic, operational, and tactical levels. Additionally, responsibilities of this role will have you lead risk assessments, significant event reviews, and control monitoring across the Security Configuration and Security Operation control domains. To be successful you will need an understanding of technical controls, excellent communication skills, and the ability to collaborate with senior leaders and stakeholders to assess large environments. 

Job Responsibilities

• Engage with technology and cybersecurity technologists to evaluate processes and risks
• Assess risk impacts at the line of business and enterprise level
• Work with technology area’s to identify risk concentrations globally and understand how security controls mitigate them or identify residual risks
• Write and present assessments highlighting control efforts or risks to Executive Directors, Managing Directors, and members of the Risk Operating Council
• Exhibit strong organizational management skills necessary to collaborate with peers and deliver results 
• Maintain a high level of professionalism and expertise to be recognized as an expert in an assigned security control domain
• Keep abreast of current cyber trends, vulnerabilities and emerging technologies
• Perform independent assessments of Operational Risks though Operational Risk monitoring programs (e.g., significant event reviews, deep dive reviews, risk metrics, Operational Risk appetite, independent Risk Management assessments)

Required qualifications, capabilities, and skills

• 5+ years of experience as a technologist with experience in cybersecurity / technology development, engineering, or technical architecture within financial services organizations
• Strong understanding of Risk Management at the enterprise level
• Knowledge and experience in cybersecurity organization practices in some of the following: vulnerability management, penetration testing, incident response, data loss prevention, email security, SIEM, DDoS, public cloud security configuration best practices, etc.
• Ability to understand complex technical systems, the business processes they support, assess the inherent risks, and recommend mitigating security controls
• Highly disciplined and able to work with limited supervision to execute long running projects with results
• Exceptional verbal and written communication skills
• Knowledge of common frameworks such as FFIEC, NIST CSF, etc.

Preferred Qualifications, capabilities, and skills

• Proven experience translating on-premises security configurations and operational processes into multi cloud environments
• Understanding of how cloud and on-premises security controls support federal and international regulatory compliance requirements
• One or more information security or cloud certifications (e.g. CISSP, CISM, GIAC, CCNA Security, AWS Security Specialty, Azure Security Engineer)

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans

Career development, Competitive pay, Health care, Wellness