Join our dedicated team in a role where your expertise in risk assessments and cybersecurity exercises propels forward our mission of safeguarding our operations and enhancing resiliency. This position offers the unique opportunity to shape our security posture and contribute to our continuous improvement in an environment that values innovation and teamwork.
As an Assessments & Exercises Senior Associate in the newly formed Firmwide Technology Resiliency (FTR) Organization, you will help enhance the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Collaborate with the team to design and execute risk-driven tests and simulations in the face of today’s evolving threat landscape. This role is part of JPMorgan’s APAC Resiliency Testing team, tasked with executing targeted resiliency simulations across all major Lines of Business and Corporate Functions and technology testing of data centers, thereby strengthening technology and business controls, increasing preparedness, and ensuring effective response and recovery capabilities against today’s most prevalent threats. In this role you will interface with the firm’s business and technology leaders to pinpoint areas of emerging risk, partner with deep subject matter experts to craft realistic simulation/testing scenarios and objectives, and drive tangible lessons learned to completion through a robust findings management process that is risk-based, and metrics driven.
Job responsibilities
• Participate in effective planning, design, conduct, and evaluation of both internal and external resiliency simulations and testing in accordance with the firm’s business and technology standards as well as global regulatory frameworks
• Support across all aspects of exercise project management, spanning the entire engagement lifecycle (i.e., plan, design, conduct, and assess) to include scheduling meetings, reserving venues, facilitating discussions, and providing senior leader project updates
• Coordinate with key stakeholders across the firm to develop tailored, all-hazards simulation scenarios that achieve business, resiliency, technology, and/or cyber incident response objectives
• Support post-exercise after-action analysis, reporting, and assessment, synthesize corrective actions, implement tracking/monitoring of progress, and design future simulations to validate improvements
• Identify and address opportunities in process, procedures, tooling, and knowledge management.
• Support overall team strategy and capability uplift initiatives to drive rapid maturity
Required qualifications, capabilities, and skills
• Minimum 3 years of experience in planning, developing, and coordinating incident response playbooks, runbooks, or other key operational processes across a large organization. General knowledge of, and experience working within, the financial services sector is preferred
• Bachelor’s Degree in Computer Science / Information Systems / Engineering or related disciplines
• Ability to perform on specific weekends to support testing events
• Demonstrated ability to manage multiple, parallel, complex engagements collaboratively with a diverse set of stakeholders, subject matter experts, and senior leaders to build requirements and execute across a core set of project milestones
• Familiarity with how key international financial systems operate, to include an understanding of the current threat landscape, operational resiliency considerations, and possible systemic risk scenarios. Experience formulating and/or interpreting threat and risk analyses of cyber adversary techniques, technology disruptions, terrorist attacks, severe weather, and other major hazards
• Experience developing and presenting briefings to collaborative partners in addition to large group meeting facilitation and logistics planning
• Excellent writing skills and ability to communicate effectively. Proficiency in the use of Microsoft Office and related technologies. Background in metrics development, risk analysis & visualization, and automation is a plus.
• The ideal candidate must demonstrate exceptional organizational skills necessary to plan, design, and coordinate the development of simulations and ensure crisis management and incident response procedures are integrated across the firm
Preferred qualifications, capabilities, and skills
• Hold relevant industry certifications showing expertise in cybersecurity and technology testing methodologies or resiliency
• Knowledge/experience in technology and business infrastructure
• Experience in proactive threat monitoring, assessment and analysis
To apply for this position, please use the following URL:
https://ars2.equest.com/?response_id=c0db6a122d191b78db40f0a73e188ced
