Technology Cybersecurity Operational Risk Management Lead - Vice President

:

Category: CCOR LOB/CF/Country Coverage

Job Schedule:

Full time

Posted Date: T21:39:24+00:00

Job Shift:

Base Pay/Salary:
Brooklyn,NY $-$

Bring your Expertise to JPMorgan

Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan

Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

As a Cybersecurity Operational Lead in Compliance, Conduct, and Operational Risk team, you will collaborate across the first, second, and third lines of defense to assess global cybersecurity risks across the JPMorgan

Chase technology estate. You lead risk assessments, significant event reviews, and control monitoring across security configuration and security operations domains. You apply hands-on security control experience to evaluate large environments, communicate risk and control effectiveness to senior leaders, and recommend mitigation actions. You help us strengthen operational resilience through consistent oversight and credible challenge.

Job responsibilities:

* Engage with technology and cybersecurity teams to evaluate processes, controls, and risks

* Assess cybersecurity risk impacts at the line of business and enterprise levels

* Identify global risk concentrations and evaluate control effectiveness and residual risk

* Write and present risk and control assessments to Executive Directors, Managing Directors, and governance forums

* Coordinate with peers to deliver long-running assessments and oversight activities on schedule

* Maintain domain expertise in an assigned security control area and provide credible challenge and guidance

* Monitor cyber trends, vulnerabilities, and emerging technologies to inform oversight priorities

* Perform independent operational risk assessments through monitoring programs, including significant event reviews, deep dives, risk metrics, and risk appetite assessments

Required qualifications, capabilities, and skills:

* 5 years plus of experience as a technologist in cybersecurity, technology development, engineering, or technical architecture within financial services

* Strong understanding of enterprise risk management concepts and practices

* Experience in cybersecurity practices such as vulnerability management, penetration testing, incident response, endpoint protection, data loss prevention, email security, SIEM, DDoS, or public cloud security configuration

* Ability to understand complex technical systems and the business processes they support, assess inherent risk, and recommend mitigating controls

* Ability to work with limited supervision and deliver results on long-running projects

* Exceptional written and verbal communication skills

* Knowledge of cybersecurity frameworks such as NIST CSF or FFIEC

Preferred qualifications, capabilities, and skills:

* Experience translating on-premises security configurations and operational processes into multi-cloud environments

* Understanding of how cloud and on-premises controls support regulatory compliance requirements

* One or more information security or cloud certifications, such as CISSP, CISM, GIAC, CCNA Security, AWS Security Specialty, or Azure Security Engineer