Information Security Mgmt - Technology Risk & Controls Manager - Legal Obligations

We know that people want great value combined with an excellent experience from a bank they can trust, so we launched our digital bank, Chase UK, to revolutionise mobile banking with seamless journeys that our customers love. We're already trusted by millions in the US and we're quickly catching up in the UK – but how we do things here is a little different. We're building the bank of the future from scratch, channelling our start-up mentality every step of the way – meaning you'll have the opportunity to make a real impact. 

While we’re looking for professional skills, culture is just as important to us. We understand that everyone's unique – and that diversity of thought, experience and background is what makes a good team, great. By bringing people with different points of view together, we can represent everyone and truly reflect the communities we serve. This way, there's scope for you to make a huge difference – on us as a company, and on our clients and business partners around the world.

Our  Cybersecurity & Technology Controls team is at the heart of this venture, focused on getting smart ideas into the hands of our customers. We're looking for people who have a curious mindset, thrive in collaborative squads, and are passionate about new cybersecurity frameworks and solutions. By their nature, our people are also solution-oriented, commercially savvy and have a head for fintech

As a Regional Technology Risk & Controls Manager at JPMorgan Chase within the International Consumer Bank, you will be a part of a flat-structure organization. Your responsibility is to monitor events (circulars, notices, guidance, regulations, laws etc.) issued by various regulators globally and analyze impact of those to the Chase Technology organization.

 

Job summary 

The Cybersecurity and Technology Controls team supporting International Consumer Banking is looking to add a team member to monitor events (circulars, notices, guidance, regulations, laws etc.) issued by various regulators globally and analyze impact of those to the Chase Technology organization, working in conjunction with colleagues in our Global Technology organization as part of the Office of Legal Obligations process.

The team member would further map the impactful regulations to the Global Technology control catalog and assess gaps in the Global Technology policies, standards, control objectives and procedures. Potential control gaps are reviewed with relevant Control Design Authorities to enrich the control catalog to meet the regulatory requirements. 

 

Job responsibilities

• Conducting periodic review of events (circulars, notices, guidance, regulations, laws etc.) issued by regulators across the globe. Collaborate with stakeholders such as Tech Risk and Controls, Control Design Authorities, Standards Authors, Process owners and Product Security to assess impact and expectations of the Legal Obligations. 
• Perform End-to-End mapping of the Obligations with appropriate process/procedures. 
• Perform detailed gap analysis of the impacting Regulatory events.
• Partnering with the Global Technology Policies and Controls team to ensure policy area owners are informed of regulatory changes and relevant updates are applied in a timely manner.
• Engage Technology teams on the Office of Legal Obligations process and ensure consistent mapping of the Legal Obligations.
• Represent Chase on various Office of Legal Obligations Forums.

 

Required qualifications, capabilities and skills

• Proven experience in IT Risk and Compliance, Audit or IT Security, Standard/Policy Development.
• Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, emerging threats and vulnerabilities, including incident response methodologies
• Knowledge of cybersecurity & technology controls such as:
  • Control Governance, Policy Development; Identify & assess management; Cyber defense & fraud (incl. incident & event management, network & endpoint security, malware protection, digital forensics, threat & fraud intelligence, etc.); Data protection, Storage, Governance; Software and platform security; Resiliency; Vulnerability management, Control assessments & training
• Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. A demonstrated ability to analyze technology-focused regulations, articulation of risk and impact on Technology controls frameworks and industry best practices.
• Demonstrated ability to author Standards, Controls & Procedures; perform risk modeling, assess control design and operating effectiveness as well as articulate risks.
• Excellent reporting and presentation skills.

 

Preferred qualifications, capabilities and skills

• Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations.
• Outstanding verbal, interpersonal and written communication and presentation skills, including demonstrated ability to interact with both technical and non-technical stakeholders.
• An ability to work in a demanding, fast paced environment and handle multiple, competing priorities at one time.
• Relevant professional certification (e.g., CISSP, CISA, CRISC) or willingness to pursue. 

 

When you work at JPMorgan Chase & Co., you are not just working at a global financial institution. You are an integral part of one of the world’s biggest tech companies. In 20 technology centers worldwide, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $10B+ annual investment in technology enables us to hire people to create innovative solutions that will transform the financial services industry. 

 At JPMorgan Chase & Co. we value the unique skills of every employee, and we are building a technology organization that thrives on diversity. We encourage professional growth, career development, and offer competitive benefits and compensation. If you are looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you. 

 J.P. Morgan offers an exceptional benefits program and a highly competitive compensation package.

J.P. Morgan is an Equal Opportunity Employer.

 #ICBCareer 

 

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
   We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.