Cloud Information Security Manager (ISM) for Payments Technology

Company: JPMorgan Chase
Location: Plano
Posted on: March 17, 2023

Job Description:

**Description**JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the World's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.**Summary**Cybersecurity & Technology Controls (CTC) is part of the broader Global Technology organization Our mission is to ensure the security and resiliency of the computing environment, protect confidential information, comply with regulatory requirements, and manage risk and controls for the firm, globally. We accomplish this through strong information security leadership and active collaboration with line of business information security managers to provide high quality security solutions and services that are focused on improving the overall technology risk posture.As an experienced professional in our cybersecurity organization, you won't just watch over our data - you will find innovative new ways to protect it today and into the future. To do that, you'll focus on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our security postures. You'll use your leadership skills to secure complex environments, guide others, advise on best practices and support our business and technology groups. You'll help secure the firm thru secure design principals, harden reference architectures, best practices, new policies and emerging trends to strengthen our strategic roadmap. You will interface with staff at all levels of the organization and the ability to remain technical while managing business expectations is highly important. By presenting your findings to senior leaders, you'll sharpen your communication and presentation skills. As part of our global team of technologists and innovators, your work will have a critical impact on our company, as well as our clients and our business partners around the world.This role will have opportunity to interact with internal technologists around the globe in support of business growth, adoption of modern technologies, and mergers and acquisitions.**What You Will Be Doing** **:**This is a technical trusted-advisor role working with our payment architects and technology teams. In this role, you will partner with internal customers, to ensure the World-Class solutions being built are designed and brought to life securely. To be successful in this role, you have experience in cloud and hybrid architectures, ability to translate deeply technical solutions to higher-level stakeholders, explain and manage risk, and be the voice to ensure technical solutions are designed to meet compliance requirements (i.e.: PCI-DSS).This role is hybrid between solutions architect, technical risk advisor, and internal consultant. You have experience in various security, risk & compliance domains such as; tech, cyber, cloud, compliance, API, and Microservices.+ Define, Design, and Guide secure architecture throughout existing and future payment technology environments.+ Work with internal technology team to ensure security and compliance is designed from-the-start for modern technology stacks such as public cloud, containers, API gateways, microservices & serverless platforms.+ Advise and assist on opportunities for architectural patterns, repeatability, and advise on deviations. In this context, a strong understanding of security tooling is important as you as you will advise your stakeholders on how and where to leverage various security products to mitigate risk.+ Be the trusted advisor to your respective stakeholders to consultant and manage risk in their space.+ Be a strong technologist and a natural collaborator across the firm.+ Research, design and apply advanced security techniques such as threat modeling and structured architecture reviews.+ Translate and advise on technical designs that must meet risk profile and compliance needs in a global context. Including cross-border, data sovereignty, and design/advise to ensure our tech teams meet respective regulatory requirements applicable to their workloads.+ Partnering with our Commercial and Investment Bank and other technical teams to ensure area owners are advise and oversee security design and implementation, applied in a timely manner.+ Ability to translate deeply technical concepts into risk, compliance, and to business stakeholders.+ improvements in implementation patterns and architectural design concepts.+ Providing regular management reporting to senior management and relevant stakeholders in business units.**Qualifications**+ Minimum 5+ years of experience in Information security in an operation, engineering, or technical architect role.+ Background in infrastructure, system administration, & secure software development lifecycle desired, with requirement of professional security experience.+ Combination of experience with security tooling & products, risk management, standards, architecture principles, threat and vulnerability management, and incident response methodologies.+ Professional experience with modern technologies such as public cloud (AWS, Azure, etc.), hybrid architectures, containerization and orchestration (Kubernetes), API security, & microservice architectures.+ Understanding or hands on experience with programming languages is desired.+ Versed in application and secure software design principles, web application security and related attack patterns (OWASP Top-10), and technical mitigation solutions.+ Solid understanding of Identity and Access Management (IAM) in an enterprise and hybrid environments, not limited to SSO, Oauth, SAML, AD & ADFS, Privileged Access Management, RBAC, etc.+ Understanding of information security and risk management challenges, issues mitigations and remediation in a multi-national enterprise environment.+ Professional experience with regulatory and compliance requirements, specifically direct involvement in designing technology to meet compliance controls, is highly desired.+ Demonstrated experience operating as a leader and leading others either directly or by mentorship or partnership.JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the "WELL Health-Safety Rating" for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. Employees are expected to follow the Firm's current COVID-19 or other infectious disease health and safety requirements, including local requirements. Requirements include sharing information including your vaccine card in the firm's vaccine record tool, and may include mask wearing. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests as required by applicable law.We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, discretionary incentive compensation which may be awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.Equal Opportunity Employer/Disability/Veterans**Base Pay/Salary**Palo Alto,CA $97,850.00 - $150,000.00 / year

Keywords: JPMorgan Chase, Plano , Cloud Information Security Manager (ISM) for Payments Technology, Executive , Plano, Texas