JPMorgan Chase GRC – Cybersecurity Product Liaison for I&AM in Columbus, Ohio
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.
Global Cybersecurity ensures the security and resiliency of the Firm’s computing environment, enabling it to protect customer and employee confidential information, and comply with regulatory and audit requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high-quality security solutions and services that are focused on improving the Firm's risk posture.
Within Global Cybersecurity, the Governance, Risk & Control team seeks a Cybersecurity Product Liaison for Identify & Access Management with comprehensive risk and control background, ability to assess design adequacy and operational effectiveness of controls, and demonstrated proficiency in supporting end-to-end Issue Management. In addition, experience supporting the creation and maintenance of Policies, Standards and Procedures is preferred.
Roles and Responsibilities:
• Acting as an independent controls officer, provide comprehensive risk and control oversight across Cyber Products and supporting Capabilities
• Assess the design adequacy and operational effectiveness of controls to mitigate cybersecurity risks and conformity to standards, regulatory and compliance requirements
• Assist in the design of compensating controls where control deficiencies are noted and/or desired residual risk levels have not been achieved
• Demonstrate proficiency in supporting end-to-end Issue Management throughout its full lifecycle including identification, creation, tracking and closure
• Leveraging data analytics, conduct trend analysis to identify thematic issues, determine root causes, and design sustainable solutions to avoid issue recurrence
• Manage the creation and maintenance of Policies, Standards and Procedures to keep them evergreen and ensure alignment with industry leading practices and regulatory requirements
• Oversee Product resiliency and third-party supplier risk management activities
• Facilitate SDLC pre-implementation control design reviews (‘secure from the start’) and pre-audit readiness exercises
• Engage and partner with product teams and process owners to promote cross-functional relationships and foster collaborative approaches
• Bachelors degree in computer science, information systems or related field along with 3-5 years of overall IT experience preferred
• 3-5 years of business experience, ideally including experience in the Financial Services and Technology Risk or related fields
• Broad technical knowledge across Identity &Access Management (IAM) functions and toolsets is required, this includes understanding of concepts such as System Administration, RDBMS, User Administration, Operating Systems and Application Development
• Must have a high degree of technical expertise to interface with technology stakeholders and recommend IAM based process improvements.
• Outstanding verbal, interpersonal and written communication and presentation skills, including demonstrated ability to interact with both technical and non-technical stakeholders
• Analytical aptitude; strong organizational and time management skills; ability to manage multiple and conflicting priorities in a global organization, and to adapt in a fast-paced environment
• Ability to develop and maintain strong partnerships with key stakeholders, and to work across LOBs and regions, balancing the needs of multiple organizations
• Strong PC skills including thorough knowledge of Microsoft Office Suite
• Ability to both learn from colleagues and think outside the box
• Understanding of software develop practices and Agile development methodologies
• Familiarity with industry-recognized frameworks (e.g., COBIT, FFIEC CAT, NIST CSF)
• Certification in one or more of the following – CISSP, CRISC, CEH, CISA is considered to be a plus
JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.