|Job Type:||Full Time|
Our senior leaders in Global Technology Resiliency (GTR) are passionate experts in technology resiliency and recovery, crisis management, risk analysis, and control solutions. Our purpose is to ensure the security and resiliency of the Firm's computing environment, protect the customer and employee confidential information and comply with regulatory requirements globally.
In this role, as a member of the Europe Middle East and Africa (EMEA) Technology Resiliency Governance team, you'll focus on Technology Resiliency for the EMEA Region, while partnering with a team of experts across all Lines of Business (LOBs) to help ensure the Firm’s compliance with global laws and regulations as they relate to resiliency risk and improve the availability and resiliency capabilities of our critical applications and infrastructure. Execution and delivery is achieved through active collaboration with other control areas (Cyber, Third Party, Technology Infrastructure, etc.) to safeguard and protect the Firm’s assets. As a recognized subject matter expert for the EMEA region specifically for the following regulatory bodies: European Central Bank (ECB) and Prudential Regulation Authority (PRA) at the Bank of England, you'll have the chance to engage in strategic dialogue with business and technology leaders from across the firm—and have a direct influence on the future state of resiliency at JPMorgan Chase & Co. Additionally, you will lead the development and management of all Global Technology Resiliency Standards from all angles.
The ideal candidate must possess strong leadership skills and demonstrated success in managing matrix teams, driving multiple complex and large scale initiatives. The individual must be extremely disciplined and organized, yet comfortable in a rapidly changing, dynamic environment. A high energy, fast paced, “roll-up your sleeves” attitude and commitment to success and be results driven are essential. Strong verbal and written communication skills, as well as, experience presenting and influencing senior managers are a must.
- Identify Technology Resiliency risks – develop/document mitigation and monitor action plans through resolution
- Monitor effectiveness of resiliency plans during incidents and identify opportunities for improvement
- Build relationships with stakeholder across Global Technology, Firm wide Business Resiliency and Lines of Business. particularly within the regional technology resiliency community
- Support regional governance
- Support / run regional resiliency meetings; Provide updates for regional and global governance committees
- Regional resiliency metrics - compilation and commentary, proposal of efficiency / automation opportunities, proposal of new metrics to support GTR programs and objectives
- Oversee regional data center resiliency testing, issue identification and follow up actions
- Oversee regional data center strategy (in particular in-country data centers) with respect to resiliency – monitor progress, identify / document issues and resolution
- Regional regulatory support
- Catalogue and map new and modified regional resiliency regulations
- Identify gaps against resiliency regulations (ECB and PRA)
- Develop and propose appropriate changes to address resiliency regulatory gaps
- Liaise with Global Technology Policy and Controls (GTPC), Office of Legal Obligations (OLO) and other regulatory stakeholders
- Support / complete regulatory assessments, questionnaires and inspections
- Advise and support LOBs during Technology Operational Risk Management and Audit technology resiliency reviews
- Partner with Global Technology Resiliency (GTR) colleagues to leverage lessons from other regions to implement consistent approaches proactively develop regional initiatives
- Major initiatives to lead across the EMEA region include:
- Transition to Critical Business Services approach
- Adoption of Operational Resiliency approach (in particular UK Authorities requirement for Impact Tolerances)
- Strategic Data Center migration and adoption of Resiliency Rules
- Support and contribute to group and organization initiatives, programs and reporting from Cyber Defense and Fraud, Cyber Security and Technology Controls and Global Technology as required
- Expertise in application and infrastructure high-availability and resiliency architectures
Technology Resiliency Control Domain Authority (CDA)
- Develop understanding of all aspects of the CDA framework
- Manage the development of the Technology Resiliency controls (Standards, Control Objectives, Control Procedures etc.) to support GTR initiatives, address control framework transformation and any gaps identified
- Support / run global Technology Resiliency Standards Working Group
- Develop control changes and follow CDA process to implement approved changes
- Partner with GTR initiative leads to maintain a schedule of control changes
- Develop resiliency view of emerging technologies (e.g. Bots, A.I.,etc.), with subject matter experts (SMEs), to inform GTR and develop appropriate controls to identify and reduce technology resiliency risk.
This role requires a wide variety of strengths and capabilities, including:
- Bachelor’s degree or equivalent experience
- Seasoned leadership skills with exceptional communication and presence
- Proven advanced knowledge of multiple IT control and project management practices, and experience working across large environments
- Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection
- Ability to:
- Translate detailed technical requirements into clear and concise risk descriptions and control expectations
- Work with practitioners and communicate effectively with senior management
- Collaborate with high-performing teams and individuals throughout the firm and across LOBs to accomplish common goals
- Drive consensus and navigate diverse requirements and priorities
- Flexible and adaptive; strong relationship building and influencing skills
- Strong logical, analytical and quantitative mind-set and skills
- Technically curious and self-educator.
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.
When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech organizations. In 20 technology centers worldwide, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $10B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.
© 2019 JPMorgan Chase & Co. JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.