JPMorgan Insider Risk Program Lead - Executive Director 

United States, Delaware 

793798954

As an Insider Risk Program Lead within the Global Security team, you will be responsible for leading the identification, monitoring, testing, evaluation, and governance of insider risk processes and controls for the company. You will leverage your experience to advance the firm’s framework and program for identifying and mitigating threats and related insider risks. You will work closely with various partners within the firm, including but not limited to Cybersecurity, Technology, Risk Management & Compliance, Legal, Human Resources, and Regulatory Affairs, as well as external partners. This role provides an opportunity to work across a large and complex organization that features prominently in both U.S. critical infrastructure and the global financial ecosystem.

Job responsibilities

• Leverage corporate and industry frameworks to structure Insider the insider risk framework and program
• Develop a strategy to govern Insider Risks across the firm working closely with the Threat Detection and Analysis Risk lead and the various domain owners.
• Assess processes, controls, technologies, metrics, and reporting used for Insider Risk.
• Engage with various security and control teams understand the control environment, both procedural and technical
• Partner closely with programs on Insider Risk, Strategic Threats, Workplace Violence and key stakeholders
• Devise recommendations and solutions to continuously improve the insider risk program
• Assist federated insider risk domains in the development of insider risk scenarios and corresponding program metrics
• Present written and oral communication of the Insider Risk Program development and progress to senior management and stakeholders
• Develop awareness of leading-edge processes and technologies to detect, assess and mitigate internal and external threats
• Keep abreast of current global causes of both insider and external threats (e.g. political, financial, ideological)
• Engage with industry, professional, and government organizations in support of the same goals

Required qualifications, capabilities, and skills

• 10+ years’ proven experience in program management
• Extensive knowledge of governance and risk management frameworks
• Demonstrated technical acumen and extensive experience in and knowledge of cybersecurity architecture, controls and operations.
• Skills Required: Requires seven (7) years of experience in the following: Security Architecture; Financial Services; Security Operations; Security Monitoring; Security Incident Response; Cyber Forensics; Vulnerability Management; Desktop and Server Security; Network Security; Perimeter Security; Data Security; Cloud and Third Party Security; and working with regulators.
• 10+ years’ proven experience in risk and security fields - e.g., cyber security, physical security, human threat detection, insider threat, behavior analytics, counterintelligence
• Knowledge of compliance, conduct, and operational risk management frameworks and processes; ability to anticipate and identify risks and effective mitigants

Preferred qualifications, capabilities, and skills

• Understanding of security organization practices, operations, and current and emerging technologies, including insider threat detection and incident response methodologies
• Inquisitive nature and comfort challenging current practices; proven track record of driving ideas forward and influencing
• Adept at developing relationships with senior business executives; reputation for partnering across organization lines to mitigate risks
• Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results
• Demonstrated written and oral communication skills and excellent analytical and problem-solving skills
• Ability to collaborate with high-performing teams and diverse stakeholders to accomplish common goals