Senior Security Manager - Technology Risk and Controls all genders
Senior Security Manager - Technology Risk and Controls all genders
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Excited by the opportunity to build innovative digital retail banking products and services in a startup environment backed by one of the leading financial service providers worldwide
Join us at JPMorgan & Chase Co. at our newest European hub for Chase bank located in the heart of Berlin. In this exciting chapter of continued growth and expansion for Chase as a passionate Senior Tech Risk and Controls Manager you will be responsible for providing guidance and solutions that assist in the management of cybersecurity and technology risk for the firm.
Working with our cybersecurity team youll be at the forefront of innovation designed to strengthen our operations.
As a Senior Security Managerworking in Cybersecurity and Technology Controls (CTC) youll design and implement processes governance controls and tools that safeguard the firms computing environment. You will have the opportunity to explore a wide range of cybersecurity and technology risk management topics and engage directly with engineering business and other control functions to collaborate and solve problems that allow us to create trust at scale. Managing risks and overseeing cybersecurity and technology youll gain key insight into todays complex risk and regulatory landscape.
Job responsibilities:
- Ensure technology risk impacting the business is effectively identified quantified communicated and managed including recommendations for resolution and identifying the root cause/key themes.
- Provide guidance and advice to technology teams and ensure controls are hardened through testing and as part of production deployments.
- Provide first line oversight and monitoring of key risks across technology including core architecture and infrastructure data management development and cyber security.
- Support regional oversight and governance by leveraging specific KPIs and KRIs.
- Work closely with the security architecture teams to ensure security controls are reviewed as part of new product designs or current product enhancements.
- Interface with technology and other supporting corporate functions on an ongoing basis for businessasusual risk activities reporting and project initiatives.
- Evaluate regulatory and policy changes relating to cybersecurity and technology impacting the International Consumer business.
- Partner with Product Security Controls Business and Engineering to raise awareness and drive improvements in Cybersecurity landscape.
Required qualifications capabilities and skills
- Deep understanding in relevant regulations related to Retail Banking in Germany as well as the EBA Guidelines on ICT and Security Risk Management or the EBA Guidelines on Outsourcing Arrangements and/or ISO27001 DORA GDPR and NIST frameworks.
- Knowledge in information security domains including policies and standards risk and control assessments access controls regulatory compliance technology resiliency risk and control governance and metrics incident management secure software development lifecycle vulnerability management thirdparty risk management and data protection with experience in medium to large environments.
- Analytical skills including solving and communicating complex problems data analytics measurement and reporting needed to drive continuous improvement
- Experience working with Cloud and relevant modern engineering practices such as containerization access management monitoring and/or CI/CD security.
- Understanding in application and infrastructure highavailability and resilient architectures
- Ability to collaborate and navigate organizational levels/boundaries to safeguard the firms computing environment in a complex risk and regulatory landscape
- Ability to clearly translate and communicate cyber risk via written verbal and presentation formats to various stakeholders in Cyber Technology and Business.
- Excellent communication skills in English and communicative knowledge of German.
Preferred qualifications capabilities and skills
- 5 years of experience or equivalent expertise in technology risk management information security or a related field with a focus on risk identification assessment and mitigation
- Certified in CISA CISM CRISC CISSP CCSP ISO/IEC 27001 Lead Implementer or similar
- Deep understanding of IT risk management operating models three linesofdefense frameworks integrated risk management practices and/or risk intelligence capabilities.
- Experience operating within a regulated industry.
Required Experience:
Manager
Employment Type
Full-Time
