As an experienced professional in our Cybersecurity organization, youre equally committed to watching over our data today, as well as finding innovative new ways to protect it in the future. To do that, youll help lead a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. Youll use your leadership skills to give guidance, best practice advice and support across all our business and technology groups. Youll take the lead on incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving and selecting cost-effective solutions. Youll deploy best practices, new policies, and emerging trends to strengthen our strategic roadmap. Youll keep management, executive directors, managing directors and stakeholders in the loop, as well as managing people and budgets. As part of JPMorgan Chase & Co.s global team of technologists and innovators, your work will have a massive impact, both on us as a company, as well as our clients and our business partners around the world.
Social Engineering Testing Lead
Serve as Social Engineering (SE) Testing Lead within the firms Global Cyber Exercise Program responsible for managing the effective planning, execution, and reporting of SE testing capabilities used to identify and mitigate firmwide information security risk. This role supports the teams annual calendar of events as well as business, client and regulatory engagements, ensuring all testing adheres to organizational cybersecurity and technology control requirements. Specific duties include:
Responsibilities:
Lead the overall design and delivery of comprehensive SE assessments and resulting recommendations to baseline firmwide susceptibility to a variety of core SE attack vectors (phishing, vishing, SMShing, etc.)
Leverage data analytics to develop appropriate metrics (KRIs/KPIs) to measure SE risk and develop concrete strategies to drive risk down toward acceptable levels
Partner with senior Business, Product and Technology teams to scope SE testing, communicate outputs, and work toward remediation of said outputs
Direct all aspects of reporting and dispositioning, to include the firmwide Repeat Offender process within the Employee Compliance Framework, requiring direct interface with Employee Relations, Legal, and Compliance management
Drive development of enhanced SE training and awareness content and coordinate delivery of awareness sessions/hub talks in partnership with the CTC Training and Awareness team in an effort to continuously improve overall SE control effectiveness
Collaborate directly with third-party SE testing providers as well as JPMC supplier management teams to ensure third parties meet current testing requirements and are compliant with JPMC policies and standards; work with third party providers and JPMC sourcing on directing current and future third-party vendor relationships to support SE Testing execution
Maintain keen awareness of cybersecurity trends, specifically emerging threats, and articulate in business terms to key stakeholders
Qualifications:
- Demonstrated leadership in managing core technical or business capabilities; people management experience is a plus
- Strong understanding how emerging cybersecurity threats can impact JPMCs core lines of business
- Successful track record managing complex projects across multiple business and technology teams in order to deliver high-quality products/services within strict deadlines
- Experience formulating and/or interpreting cyber threat analyses of adversary techniques,tactics, and procedures used to disrupt computer networks
- Experience developing and presenting briefings to senior leaders and large audiences
- Excellent writing skills and ability to communicate effectively
- Experience working both independently and in a virtual, collaborative environment is essential
- Strong interpersonal and communication skills at all levels of a large enterprise organization
- Proficiency in the use of the Microsoft Office Suite with an emphasis on PowerPoint
- Experience in communications, middleware, messaging and database technologies a plus
- Undergraduate degree in Computer Science, Cyberspace, Psychology, Criminal Studies, Information Assurance, and/or Banking/Finance (equivalent experience accepted in lieu of degree)
- BS/BA degree or equivalent experience
- Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
- Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
- Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
- Expertise in Agile and can work with at least one of the common frameworks
- Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firms cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The groups number one priority is to enable the business by keeping the firm safe, stable and resilient.
We are looking for multi-disciplined forward-looking technologists like you with diverse backgrounds and experiences including in areas such as cybersecurity, big data, machine learning risk management and controls, compliance and oversight, cloud security.
by via developer jobs - Stack Overflow
No comments:
Post a Comment