Insider Risk Program Lead

at JPMorgan Chase in Newark, Delaware, United States

JPMorgan Chase & Co . ( NYSE : JPM ) is a leading global financial services firm that comprises an important part of the financial sector and U.S. critical infrastructure with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at .

Global Security (GS)protects the firm’s employees and assets throughout the world. This responsibility includes the development of security and safety policies and procedures, regulatory and legislative compliance, corporate aviation, guard management, alarm response, crisis management, ATM , branch and corporate building security and customer safety, physical crime investigations, workplace violence, fire and life safety, pre-employment screening, fraud and employee investigations.

Within GS, the Threat Detection and Analysis team is responsible for identifying potential threats against the firm and its workforce from internal and external actors and developing strategies to mitigate those threats to protect the firm’s reputation, workforce, clients, and assets.

The Insider Risk Program Lead is an Executive Director role that will support the head of Insider Risk in defining and executing on the firm wide Insider Risk Program. The Program Director will be responsible for leading the identification, monitoring, testing, evaluation, and governance of insider risk processes and controls for the company. The candidate must be a highly motivated individual with strong leadership and influencing skills, able to leverage their experience to advance the firm’s framework and program for identifying and mitigating threats and related insider risks. The leader will define messaging and represent the Firm wide Insider Risk function to senior management and regulators, providing escalation of material risks and advisory guidance and best practice across the insider risk discipline to internal and external stakeholders. The position will lead design review efforts for enhancement of enterprise controls, advise on insider risk reduction, assist in the assessment of insider control efficacy, and evaluate metrics for completeness, effectiveness, and suitability. The position will also work with various partners within the firm, including but not limited to Cybersecurity, Technology, Risk Management & Compliance, Legal, Human Resources, and Regulatory Affairs, as well as external partners. The ability to work effectively with a diverse set of stakeholders is essential. The role requires creativity, critical thinking, strong communication and influencing skills, and the ability to work across a large and complex organization that features prominently in both U.S. critical infrastructure and the global financial ecosystem. This leader will act as an insider risk Subject Matter Expert ( SME ) in key governance forums, control committees, and regulatory meetings.

Job responsibilities

+ Leverage corporate and industry frameworks to structure Insider the insider risk framework and program

+ Develop a strategy to govern Insider Risks across the firm working closely with the Threat Detection and Analysis Risk lead and the various domain owners.

+ Assess processes, controls, technologies, metrics, and reporting used for Insider Risk.

+ Engage with various security and control teams understand the control environment, both procedural and technical

+ Partner closely with programs on Insider Risk, Strategic Threats, Workplace Violence and key stakeholders

+ Devise recommendations and solutions to continuously improve the insider risk program

+ Assist federated insider risk domains in the development of insider risk scenarios and corresponding program metrics

+ Present written and oral communication of the Insider Risk Program development and progress to senior management and stakeholders

+ Develop awareness of leading-edge processes and technologies to detect, assess and mitigate internal and external threats

+ Keep abreast of current global causes of both insider and external threats (e.g. political, financial, ideological)

+ Engage with industry, professional, and government organizations in support of the same goals

Required qualifications, capabilities, and skills

+ 10+ years’ proven experience in program management

+ Extensive knowledge of governance and risk management frameworks

+ Demonstrated technical acumen and extensive experience in and knowledge of cybersecurity architecture, controls and operations.

+ Skills Required: Requires seven (7) years of experience in the following: Security Architecture; Financial Services; Security Operations; Security Monitoring; Security Incident Response; Cyber Forensics; Vulnerability Management; Desktop and Server Security; Network Security; Perimeter Security; Data Security; Cloud and Third Party Security; and working with regulators.

+ 10+ years’ proven experience in risk and security fields – e.g., cyber security, physical security, human threat detection, insider threat, behavior analytics, counterintelligence

+ Knowledge of compliance, conduct, and operational risk management frameworks and processes; ability to anticipate and identify risks and effective mitigants

Preferred qualifications, capabilities, and skills

+ Understanding of security organization practices, operations, and current and emerging technologies, including insider threat detection and incident response methodologies

+ Inquisitive nature and comfort challenging current practices; proven track record of driving ideas forward and influencing

+ Adept at developing relationships with senior business executives; reputation for partnering across organization lines to mitigate risks

+ Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results

+ Demonstrated written and oral communication skills and excellent analytical and problem-solving skills

+ Ability to collaborate with high-performing teams and diverse stakeholders to accomplish common goals

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate