CTC Resiliency Lead - Cloud and Cybersecurity

The Cybersecurity and Technology Controls (CTC) organization's objective is to ensure that JPMC is able to effectively detect, prevent, and respond to cyber threats against our technology infrastructure.

The scope of Cybersecurity includes detection and monitoring of threats and vulnerabilities, managing security incidents, and evolving our preventive infrastructure to keep ahead of the threat.

We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the Firm's risk posture.

The CTC Business & Technology Resiliency Lead will drive the design, development, execution, and maintenance of business impact assessments, technology and business resiliency and recovery plans for operational resilience across Cybersecurity and Technology Controls (CTC) to ensure critical business processes remain available during a disruption.

Ensuring that resiliency is designed across the life cycle of applications, thereby driving the timely and successful execution of the Recovery and Resiliency strategy.

Work closely with peers from the Cybersecurity Line of Business, Technology, and Firmwide governance to continue to drive best-in-class resilient applications.

Job Responsibilities:


* Champion the CTC Resiliency team, representing the organization in stakeholder engagements.


* Develop, execute, and maintain business impact assessments, resiliency plans, and technology recovery strategies for critical business processes and applications.


* Leverage experience in designing, implementing, and maintaining resilient systems and solutions in cloud environments, with a particular emphasis on applying best practices for security, availability, and disaster recovery.

Bring hands-on experience in building and supporting resilient cloud environments, with strong familiarity in AWS best practices for security, availability, and disaster recovery.


* Identify and deliver opportunities to strengthen resiliency through plan review, open communication, and by driving solutions with team members and function owners.

Partner with product leads to create and maintain resiliency documentation.


* Plan, execute, and coordinate resiliency tests (Recovery Strategy, Application, and MEPC) as required by regulatory authorities and designated objectives and standards (e.g., tabletop exercises, threat-informed scenarios, plan remediation, testing requirements, reporting), including the use of chaos engineering tools such as Gremlin to proactively test and validate system resilience.


* Execute reporting and governance of controls, policies, issue management, and measurements, providing senior management with insights into control effectiveness and informing governance activities.


* Monitor control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulator...