JPMorgan Chase PCI Business Assessment Lead - Global Cybersecurity Technology Controls in Columbus, Ohio

As part of the Global Cyber Technology Controls team, the PCI Business Assessment Lead, Line of Business is responsible for overseeing compliance with the PCI DSS within the assigned Line of Business. This is a highly visible role responsible for driving execution with product, technology, and business teams to ensure compliance with PCI DSS.

Key Responsibilities:

  • Works with Line of Business as a single point of contact managing all aspects of the annual PCI Data Security Assessment.

  • Serves as a technical expert with PCI subject matter expertise for the Line of Business.

  • Leads interaction with all Line of Business product teams for all PCI support activity.

  • Works with the Line of Business teams to define PCI scope.

  • Performs QA on all evidence prior to presentation to QSA.

  • Oversees the completion of a Self-Assessment Questionnaire (where applicable).

  • Provides leadership and advice on material remediation activities ensuring appropriate resolution of issues, action plans, breaks and remedies and supports the closure verification process.

  • Collaborates with other PCI Assessment team members and stakeholders on PCI mandated, line of business, and risk and control projects.

  • Provides direction for engagement efficiency, effectiveness and transparent, measurable, sustainable control improvements, including process enhancements and use of automated data collection techniques.

  • Partners with other Global Cyber and Enterprise Technology teams to create and proactively monitor Key Risk Parameters designed to identify non-compliant conditions and assist in remediation with compensating controls (if needed) to address security, risk and control gaps.

  • Aids in training and spreading PCI compliance awareness within the organization

  • Develops and maintains strong business and technology relationships, becoming a trusted partner within Line of Business.

  • Communicates risk and other control findings with key stakeholders, develops recommendations and provides accurate metrics and management reports on a timely basis

  • Provides guidance on remediation activities as it pertains to Line of Business products and services ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure.

Candidates with a minimum 7 years of experience in technology risk and controls, risk based consulting, and risk assessments. Minimum of 4 years of experience in PCI.

  • Bachelor's degree in Computer Science, Management Information Systems, Accounting Information Systems, or a related field. Experience within financial services areas is preferred.

  • Proven skills with the management and implementation and monitoring controls and processes related to PCI DSS

  • Knowledge and prior experience with all domains of Technology Infrastructure.

  • Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and assessing an IT controls environment.

  • Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and prioritization skills.

  • Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization.

  • Prior experience in planning, coordination and implementation and the ability to work across teams and functions to execute and deliver.

  • Aptitude to up-skill and learn new technologies based on dynamic requirements.

  • Evaluating and making recommendations/decisions on technical options as appropriate.

  • Self-starter with high energy to meet the needs of a demanding business and IT environment

Preferred Skills:

  • Able to review, understand, and rely on technical and software documentation and apply that knowledge into practice.

  • Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls.

  • Advanced understanding of best practices and company policies.

  • Ability to interact with technical, non-technical, and business members of the organization

  • Knowledge of process-focused methodologies for IT related activities (Change Management, Incident Management, and SDLC).

  • Certification as QSA, ISA, CISSP, CISA, or other relevant qualifying certifications

  • Exposure to IT Risk and Process frameworks: PCI DSS, COSO, COBIT, NIST, ITIL.

The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.

We are looking for multi-disciplined forward-looking technologists like you with diverse backgrounds and experiences including in areas such as cybersecurity, big data, machine learning risk management and controls, compliance and oversight, cloud security.

When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.

At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.