You will develop a strong understanding of the Indonesia Entity business strategy and the critical role that Global Technology and Cybersecurity and Technology Controls plays, and be able to articulate risk in a business lens. To achieve this you will establish strong connectivity and partnerships in the entity with technology and business leadership, and externally with business clients, industry partners, and government agencies. Your focus priority will be to improve Cybersecurity and Technology controls engagement with the Indonesia Entity and support business client engagement on cybersecurity and technology control matters. Additionally, you will participate in the continued transformation of our cybersecurity and technology controls capabilities that support Indonesia Entity by improving team engagement.
Roles and Responsibilities
$ads={1}
- Establish strong engagement with Location Senior Country business management and Regional/Global technology leadership by providing high quality security and risk advisory services.
- Coordinate effective regional partnership to enable the execution of all cybersecurity and technology controls activities affecting the Indonesia entity business and its associated technology environment
- ISM will be main point of contact with regulator on JPMC Indonesia Technology/Cybersecurity Risk matter, including managing entity-specific risks including supporting prompt cyber incident response impacting the entity.
- Lead the location cybersecurity and resilience activities pertaining to Indonesia Regulator Reporting procedure and coordinate with Regional/Global Cyber Security Operation Center to produce appropriate and proactive response to cyber incidents and potential cyber incidents in the future.
- ISM shall have sufficient authority and stature to provide independent views to Location Management including Technology.
- Responsible for bringing to the notice of the Indonesia Board/ Location Operating Committee /Technology sub-committee of the board about the cyber security risk the Indonesia entity is exposed to.
- Responsible for advising Location senior management on technology risk and security matters, including developments in the financial institution's technology security risk profile in relation to its business and operations.
- Responsible for monitoring and timely reporting of key Technology matters covering Cybersecurity KRIs, KPIs, Cyber incidents, and Security in outsourcing requirements impacting Indonesia to location Board and Committees.
- Partner with Regional/Global peers to coordinate and support internal, external and Indonesia Regulatory related audit review and assessment exercise. Ensure compliance to the Indonesia regulatory requirements such as Annual Inherent Risk & Cybersecurity Maturity Assessment, Annual Cybersecurity Testing covering vulnerability analysis and scenario-based cybersecurity testing.
- Responsible for adopting global polices and establish entity specific procedure and enforcing compliance with necessary policies, frameworks and other technology-related regulatory requirements.
- Support the Regional/Global Information Security Manager in tracking and reporting of cybersecurity risk and matters to regional technology operating committee.
- Provide partnership and support to the Regional/Global peers to develop cybersecurity and technology controls execution approach across the country business footprint
- Identify location and regulatory requirements and partner with local, regional and global peers and product teams to develop sustainable solutions
Skills and Experience:
You have been a successful Information Security Manager or led a successful security and risk organization with demonstrated expertise in the follow areas:
- Proven subject matter expertise in Corporate and Investment Banking in the Indonesia market
- IT and cybersecurity policies and standards
- Operational risk frameworks
- Regulatory compliance
- Technology resiliency
- Identity and access management
- Incident management
- Application security and secure systems development lifecycle
- Vulnerability management
- Data protection
Competencies:
You can demonstrate the following key competencies:
- Strong strategic vision mixed with delivery excellence
- Strong leadership, culture carrier and team player experienced in matrix organizations
- Executive, client and industry engagement leadership
- Excellent written and oral communication
- Resolving Conflicts
- Critical thinking
- Objective analysis of poorly defined problems
- Proficient understanding of financial institutions and underlying business processes
- Partnership and influence
- Resource management
- Negotiation and partner management
- Organizational change management
Your expertise in cybersecurity and technology controls, combined with your desire to provide innovative security services, will be an asset to our team. Help deliver high-quality security solutions across all our lines of business around the world by creating, designing, implementing, and maintaining next-level technology.
ABOUT USJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
ABOUT THE TEAM
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.