Information Security Manager, Cybersecurity and Technology Controls, Vice President - Singapore
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
The Information Security Manager function helps in identifying, assessing, mitigating and monitoring of the various cyber and technology risks to the applications that support the Corporate Investment Bank business lines.
This role requires a wide variety of strengths and capabilities, including:
• Bachelor's degree or equivalent experience
• Strong leadership skills with exceptional communication and presence
• Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
• Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection
• Extensive risk and control management experience and knowledge within Investment Banking or other financial institution.
• Application Risk and Control specialist
• Regulatory experience within Asia Pacific in a risk and control function
• Exposure to Cyber security controls
• Program and project management experience
• Experience in presenting & influencing risk-control agenda to technology and business management.
• Good understanding of business and system knowledge in markets, and various key controls.
• IT risk and control management for the Corporate and Investment Banking line of business
• Effective assessment of application and system controls
• Manage and monitor the IT Risk posture for the business, providing management with transparency over what these risks are and how they can be addressed
• Coordinate all relevant IT control activities (e.g., regulatory inspections and assessments, control testing, monitoring, reporting and remediation activities).
• Act as a subject matter expert in relation to IT Risk, Control and Cyber Security.
• Develop and maintain strong business and technology relationships, becoming a trusted partner, as well as building relationships with corporate functions such as Compliance, Business, Audit, Corporate IT Risk and Global Technology
• Participate in or lead programs to improve or remediate the control environment across the Corporate Investment Bank.
• Interpret regulatory requirements and corporate policies, communicate these clearly alongside current status, and provide oversight of compliance as required. Respond to regulatory enquiries and exams.
• Build a culture focused on the pro-active awareness and improvement of the risk environment.
• Demonstrated experience working with the regulators in the region, articulate in local regulations and laws pertaining to IT Risk is preferred.
• Stakeholder engagement skills, including ability to influence senior management.
• Ability and energy to design and drive change
• Excellent negotiation and influencing skills.
• Ability to gain understanding of regulatory and firm-wide control issues
• Strong decision making capability.
• Excellent communicator, oral and written
• Extensive experience in technology or IT risk management, preferably for financial institution and/or strong background in IT Risk Advisory
• Demonstrated capability of designing and implementing cross-functional programs; strong project management skills
• Track record of implementing successful risk or technology management solutions
• Track record of developing and maintaining senior-level stakeholder relationships
• Exposure to Market, e-banking technology applications and Athena suite knowledge preferred
• Industry qualification preferred e.g. CISA, CISSP, CRISC
When you work at JPMorgan Chase & Co., you're not just working at a global financial institution. You're an integral part of one of the world's biggest tech companies. In 15 technology centers worldwide, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $11B annual investment in technology enables us to hire people to create innovative solutions that are transforming the financial services industry.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we're building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you're looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.