J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
We are seeking a Cyber Defense & Fraud Product Manager within Cybersecurity & Technology Controls.
The Cyber Defense & Fraud Product Manager builds, enhances, and sustains cybersecurity & technology control products to satisfy evolving customer needs through collaborative partnership with engineering, development and operational roles. Manages the product vision, strategy, roadmap and backlog. The suite of products include security information and event management, digital forensics, threat & fraud intelligence, attack simulation, endpoint security, vulnerability management and data loss prevention.
Key responsibilities for this role:
- Managing the delivery of regional and global cross-product initiatives by partnering with and influencing global product backlogs, demand management, and yearly planning taking features and deliverables through the entire Software Development Lifecycle (SDLC) using standard processes and tools (JIRA, Confluence, Clarity, CI/CD, ATDD, etc.)
- Partnering with global product owners to develop and influence the strategic vision and roadmaps for global product domains across technology, architecture, operations, standards, et al.
- Be a strong technologist and a natural collaborator across the firm.
- Able to successfully operate across regions, business and functions of a large enterprise organization with demonstrable strong negotiation, influencing and relationship skills
- Ability to resolve conflict with a proven ability to facilitate and/or make complex decisions based on experience, analysis and judgment
- Providing input to strategic discussions to stakeholders inside the group and across the firm associated with improvement opportunities.
- Providing regular management reporting to senior management and relevant stakeholders in business units.
This role requires a wide variety of strengths and capabilities, including:
- At least 10+ years of experience in information security as a product manager or similar role.
- Proven track record in technology product management, development and delivery.
- Cybersecurity domain expertise including:
- security information and event management
- digital forensics
- threat & fraud intelligence
- attack simulation
- endpoint security
- vulnerability management
- data loss prevention
- Excellent command of cybersecurity organizational practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
- Well versed in application secure design principles, common attack patterns, OWASP top 10 risks/vulnerabilities/solutions and frameworks, etc.
- Knowledge of Threat Intel, APT groups, malware analysis, CAPSEC, MITRE ATT&CK framework is recommended.
- Experience with cybersecurity platforms & technologies
- Experience in supporting technology control frameworks
- Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity and technology controls
- Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
- Expertise in Agile and can work with at least one of the common frameworks
- Strong influencing and negotiating skills, and the ability to overcome barriers and resistance to execute against strategic plans
- Prior hands-on software development or engineering experience is preferred
- Experience with cloud security providers, products and tools is preferred
- Experience with China cloud providers is desirable
- Experience with Data Science / Data Discovery disciplines is preferred
- Experience with User Experience (UX) / Customer Experience (CX) development is preferred.
- Experience in supporting cloud security frameworks is preferred
- Experience with DevSecOps is preferred
- Experience with vendor management is preferred