VP - Information Security Management (ISM)

JP Morgan

Location: Greater London

Job Type: Full time

Posted

The most difficult thing is the decision to act, the rest is merely tenacity.
- Amelia Earhart

Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices, and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.

This role requires a wide variety of strengths and capabilities, including:

  • Technology risk management: candidate likely to have 7+ years technology experience across a broad range of architectures. Security Architecture experience with hands on experience leading, designing and delivering technology solutions.
  • At least 7 years work experience in the area of technology risk. Successful candidate is likely to have held roles such as Security Architect, IT Risk Manager, Risk Manager, IT Manager, Information or IT Security Manager, IT Audit Manager, IT Incident Manager or Business Continuity Manager, security analyst.
  • Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection
  • Extensive experience with securing cloud(both Public and private), multitenant and Hybrid environments.
  • Solid experience designing secure applications from the ground up (SSDLC)
  • Experience conducting architecture reviews to find and evaluate application and infrastructure security risks using Threat Modeling methodologies (e.g. STRIDE)
  • Conduct manual, language agnostic code review to identify security related vulnerabilities
  • Advanced knowledge of multiple IT control and project management practices and experience working across large environments
  • Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
  • Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
  • Relevant business experience/qualifications/knowledge: Expertise established in assessing and articulating technology risk in the context of various other operational risks and challenges facing the organization.
  • Strong leadership skills with exceptional communication and presence
  • Bachelor’s degree or equivalent experience
  • Relevant technical qualifications such as MIRM, CRISC, CISM, CISA, CISSP, AWS Certified Security etc;
You’ve got this!