Job Description

Our Information Security professionals are passionate about information security, analysis and control solutions. You'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm.

The Information Security Manager (ISM) function helps in identifying, assessing, mitigating and monitoring cyber and technology risks to applications that support the Firm along with understanding and ensuring compliance to local regulatory requirements.

• As an ISM, you will operate as a trusted advisor, and play an important role to support the business strategy, manage risk, and align security controls and capabilities engaging in areas of development, design and execution of our global and line of business specific control programs.
• You will understand and interpret country-specific regulatory requirements and corporate policies, communicate these clearly alongside current statuses, and provide oversight of compliance as required.
• Manage and monitor the Technology/Cyber risk posture for the business, providing management with transparency over what these risks are and how they can be addressed
• This role will partner with other technology teams, lines of business, and cybersecurity teams to ensure JPMC's security architecture, policies, standards, risk assessments, monitoring, and regulatory requirements are followed.
• The role will also require active participation and interface with the Business Controls Management teams, audit, and external regulators.

This role requires a wide variety of strengths and capabilities, including:

• Bachelor's degree or equivalent educational qualification
• Minimum 10 years of relevant work experience
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, secure systems development lifecycle, vulnerability management, data protection, technology resiliency and governance metrics
• Strong communication and stakeholder engagement skills with ability to influence senior management
• Business experience in Investment Banking- Market Trading Systems, Payments, Post Trade processing, Securities
• Experience in Cloud Security, Secure application design and Threat Modeling Methodologies
• Conduct manual, language agnostic code review to identify security related vulnerabilities
• Expertise established in assessing and articulating technology risk in the context of various other operational risks and challenges facing the organization
• Experience working across large environments and ability to collaborate with teams and individuals throughout the firm to accomplish common goals
• Ideally working experience with APAC regulators - in particular, the Monetary Authority of Singapore
• Relevant technical qualifications such as MIRM, CRISC, CISM, CISA, CISSP, AWS Certified Security etc
• Knowledge in emerging technologies such as APIs, Cloud computing and Blockchain is preferred

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.