Information Security Mgmt - Technology Risk & Controls Manager - Legal Obligations
Warszawa, Mazowieckie, Poland
JPMorgan Chase & Co.
We know that people want great value combined with an excellent experience from a bank they can trust, so we launched our digital bank, Chase UK, to revolutionise mobile banking with seamless journeys that our customers love. We're already trusted by millions in the US and we're quickly catching up in the UK – but how we do things here is a little different. We're building the bank of the future from scratch, channelling our start-up mentality every step of the way – meaning you'll have the opportunity to make a real impact.
While we’re looking for professional skills, culture is just as important to us. We understand that everyone's unique – and that diversity of thought, experience and background is what makes a good team, great. By bringing people with different points of view together, we can represent everyone and truly reflect the communities we serve. This way, there's scope for you to make a huge difference – on us as a company, and on our clients and business partners around the world.
Our Cybersecurity & Technology Controls team is at the heart of this venture, focused on getting smart ideas into the hands of our customers. We're looking for people who have a curious mindset, thrive in collaborative squads, and are passionate about new cybersecurity frameworks and solutions. By their nature, our people are also solution-oriented, commercially savvy and have a head for fintech
As a Regional Technology Risk & Controls Manager at JPMorgan Chase within the International Consumer Bank, you will be a part of a flat-structure organization. Your responsibility is to monitor events (circulars, notices, guidance, regulations, laws etc.) issued by various regulators globally and analyze impact of those to the Chase Technology organization.
Job summary
The Cybersecurity and Technology Controls team supporting International Consumer Banking is looking to add a team member to monitor events (circulars, notices, guidance, regulations, laws etc.) issued by various regulators globally and analyze impact of those to the Chase Technology organization, working in conjunction with colleagues in our Global Technology organization as part of the Office of Legal Obligations process.
The team member would further map the impactful regulations to the Global Technology control catalog and assess gaps in the Global Technology policies, standards, control objectives and procedures. Potential control gaps are reviewed with relevant Control Design Authorities to enrich the control catalog to meet the regulatory requirements.
Job responsibilities
- Conducting periodic review of events (circulars, notices, guidance, regulations, laws etc.) issued by regulators across the globe. Collaborate with stakeholders such as Tech Risk and Controls, Control Design Authorities, Standards Authors, Process owners and Product Security to assess impact and expectations of the Legal Obligations.
- Perform End-to-End mapping of the Obligations with appropriate process/procedures.
- Perform detailed gap analysis of the impacting Regulatory events.
- Partnering with the Global Technology Policies and Controls team to ensure policy area owners are informed of regulatory changes and relevant updates are applied in a timely manner.
- Engage Technology teams on the Office of Legal Obligations process and ensure consistent mapping of the Legal Obligations.
- Represent Chase on various Office of Legal Obligations Forums.
Required qualifications, capabilities and skills
- Proven experience in IT Risk and Compliance, Audit or IT Security, Standard/Policy Development.
- Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, emerging threats and vulnerabilities, including incident response methodologies
- Knowledge of cybersecurity & technology controls such as:
- Control Governance, Policy Development; Identify & assess management; Cyber defense & fraud (incl. incident & event management, network & endpoint security, malware protection, digital forensics, threat & fraud intelligence, etc.); Data protection, Storage, Governance; Software and platform security; Resiliency; Vulnerability management, Control assessments & training
- Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. A demonstrated ability to analyze technology-focused regulations, articulation of risk and impact on Technology controls frameworks and industry best practices.
- Demonstrated ability to author Standards, Controls & Procedures; perform risk modeling, assess control design and operating effectiveness as well as articulate risks.
- Excellent reporting and presentation skills.
Preferred qualifications, capabilities and skills
- Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations.
- Outstanding verbal, interpersonal and written communication and presentation skills, including demonstrated ability to interact with both technical and non-technical stakeholders.
- An ability to work in a demanding, fast paced environment and handle multiple, competing priorities at one time.
- Relevant professional certification (e.g., CISSP, CISA, CRISC) or willingness to pursue.
When you work at JPMorgan Chase & Co., you are not just working at a global financial institution. You are an integral part of one of the world’s biggest tech companies. In 20 technology centers worldwide, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $10B+ annual investment in technology enables us to hire people to create innovative solutions that will transform the financial services industry.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we are building a technology organization that thrives on diversity. We encourage professional growth, career development, and offer competitive benefits and compensation. If you are looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.
J.P. Morgan offers an exceptional benefits program and a highly competitive compensation package.
J.P. Morgan is an Equal Opportunity Employer.
#ICBCareer
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Banking Big Data CISA CISSP Cloud Compliance CRISC Cyber defense Endpoint security FinTech Forensics Governance Incident response Machine Learning Malware Product security Risk management Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Health care Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs