JPMorgan Chase & Co. (NYSE: JPM)
is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/
The Cybersecurity organization’s objective is to ensure that JPMC is able to effectively detect, prevent, and respond to cyber threats against our technology infrastructure. The scope of Cybersecurity comprises detection and monitoring of threats and vulnerabilities, managing security incidents, and evolving our preventive infrastructure to keep ahead of the threat. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the Firm's risk posture.
Global Cybersecurity Operations is a combined Operations and Intelligence organization. The team is fully dedicated to identifying and minimizing cyber-related threats, incident response, while remaining compliant with the firm's information security requirements. The team operates 24 hours a day, seven days a week, every day of the year.
The Third Party Incident Coordinator will be responsible for the coordination of third party cybersecurity incidents as well as collaborating with JPMC’s Third Party Oversight team on cybersecurity assessments.
Roles and Responsibilities
- Assess third party security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact to JPMorgan Chase & Co.
- Coordinate response from Firmwide Cybersecurity colleagues and other internal teams, including but not limited to Legal, Compliance, Oversight & Control and TPO management teams
- Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the firm.
- Communicate effectively with representatives of the Lines of Business, technology specialists, and third parties.
- Manage deliverables pertaining to regulatory & legal engagements, including responding to inquiries, managing examinations, and providing substantiation material
- Assist in the analysis of findings in investigative matters, and develop fact based reports of events
- Work closely with the technology risk teams to assess risk and provide recommendations for improving our security posture.
- Communicate assessments to senior leadership and recommend course of action to be undertaken
- Able to work under pressure in time critical situations
- A minimum 3 years in a highly visible leadership role
- 10+yrs of Information Technology, Cybersecurity, or Information Risk experience.
- A graduate degree or equivalent experience (in computer science, information systems management, business administration or related field) is preferred.
- Information security certifications (such as CISSP, CISA, CISM or related certifications) would be preferred
- Demonstrate proficiency in incident response and digital forensics
- Demonstrate strong organizational and time management skills with the ability to adapt and adjust to changing and sometimes conflicting priorities and to manage multiple assignments with challenging / conflicting deadlines in a fast paced environment
- Outstanding verbal, interpersonal and written communication and presentation skills, including demonstrated ability to interact with both technical and non-technical stakeholders
- Ability to develop and maintain strong partnerships with key stakeholders, and to work across LOBs and regions, balancing the needs of multiple organizations
- Exposure to information security principles and relevant standards including Access Management, Change Management, Security Incidents and Business Continuity Management.
- Must have a solid Information Business Risk background, including risk analysis, privacy, and data protection.
- Demonstrated ability to work effectively with all levels of and organization from executives to technology specialists.
- Expertise in risk management approaches to assess and address security and other types of Information Technology-related risks.
- Integrity and high standards of personal and professional conduct.
- Experience with evolving state-of-the-art information security technologies, technology policy and security administration.