Apply Now    

Cybersecurity Vulnerability Management Lead

Req #: 170038199
Location: Jersey City, NJ, US
Job Category: Technology
Potential Referral Amount: 0 US Dollar (USD)
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at

Global Cybersecurity Officers protect the firm's people, clients and information assets - ensuring the safety and soundness of the firm's business operations
• Cybersecurity personnel provide subject matter expertise, thought leadership, guidance, best practice and support across all business and technology groups firm-wide as it relates to the security of JMPC, it’s products, processes and technology
• The Cybersecurity team drives value creation by accelerating business and technology opportunities and leads proactive, intelligence-driven operations that quickly meet and stop adversaries and build a foundational fortress for business operations in any environment
• Advanced level Cybersecurity professionals are able to participate in senior level discussions on concepts, principles and issues as well as the application and implication of changes to processes, policies and procedures with perspective as they relate to Cybersecurity
• Additionally, professional is able to lead intelligent analysis and actions that stop adversaries and ensure the firm's safety.

Within Global Cybersecurity, the Governance, Risk & Control team seeks a Cybersecurity Vulnerability Management Lead (VP), responsible to support the Head of Cybersecurity Governance by acting as the day-to-day owner for Cybersecurity Policies, Standards and Procedures with respect to Vulnerability Management. Working within the broader JPMC Technology Risk Management framework, manage Governance Functions related to Vulnerability Risk Management for Cybersecurity.

Roles and Responsibilities
Manage the evolution of cybersecurity standards for a select set of Cybersecurity tools and techniques on both internal and external hosting environments. Activities include [but are not limited to]:
• Ensure that all controls related to Vulnerability Management are demonstrable and sustainable, identify issues and support action plans to strengthen Vulnerability Management control effectiveness
• Lead working groups of business stakeholders to proactively enhance Vulnerability Management standards in conjunction with the Firmwide Cybersecurity Program and Vulnerability Management Product and Capability Roadmaps
• Proactively manage relationships with stakeholders through effective communication, including interactions with EDs and MDs on a regular basis
• Ensure stability and resiliency of Cybersecurity products and services related to Vulnerability Management
• Employ defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improve security controls
• As a member of the Governance, contribute to team goals and objectives
• Interface with and support the work of the Cybersecurity GRC Risk and Control teams, and contribute to overall Cybersecurity GRC goals and objectives
• Bachelors’ degree in computer science, information systems or related field; advanced degree preferred
• 8+ years of overall IT experience preferred.
• 7+ years of technology experience, ideally including experience in the Financial Services and Cybersecurity or related fields.
• Certified Information Security Auditor (CISA) or willingness to pursue.
• Strong working knowledge of operations practices in the context of Cybersecurity
• Knowledge of what constitutes a cybersecurity attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues
• Keeps technical skills current, able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation.
• Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations.
• Effective negotiation and influencing skills.
• Ability to both learn from colleagues and think outside the box.
Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Things to note

Sign in to our application system to continue your job search or update your profile.

Current employees sign in here. Contractors sign in here.

Any information you provide is confidential and will only be viewed by our recruiters in an effort to fill open positions. In addition, the information you provide is subject to our privacy policy practices.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

Need disability related assistance?

If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please click here.

Important links

Click here to view the "EEO is the Law" poster.

Click here to view the "EEO is the Law" supplemental poster.

Click here to view our U.S. Pay Transparency Policy.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.