Lovanul Cholil El Frustasi

Minggu, 02 Juni 2013

Information Risk Analyst - Associate - Moscow

Information Risk Analyst - Associate - Moscow
JPMorgan - Moscow (Russian Federation)

Job Description

IT Risk & Security Management (ITRSM) exists to ensure the robust control, security and resiliency of the Firm's computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. This is accomplished through an expert central team of domain specialists covering the disciplines of IT Risk Management, Data Protection, Identify and Access Management, Security & Vulnerability Management, Cyber Threat Management, Application Security and Third Party Risk Management.

Execution and delivery within the business context is achieved through active collaboration with line of business Information Risk leaders to provide high quality security solutions and services that are focused on improving the Firm's risk posture. Consistency, standardization and scalability is achieved through a model of locally deployed leadership and capability which provides integration for domain and business line functions at a regional level.

The EMEA IT Risk and Security Management Team

The EMEA IT Risk and Security Management team ensures the Global ITRSM agenda meets the business needs and delivers effectively across the region. Specifically the team is responsible for:
  • Managing the regional IT Risk and Security Risk Profile;
  • Ensuring compliance with IT Risk and Security Policies and Standards in region;
  • Providing oversight of compliance with relevant regulatory and legal requirements as they relate to IT Risk and Security;
  • Protection of customer, employee and corporate confidential information;
  • Facilitating the execution of both global and regional IT Risk and Security Strategic initiatives and projects;
  • Determining priorities, sponsorship and investment requirements for regional initiatives;
  • Initiating and monitoring progress against associated risk and compliance action plans.

Role Description

Reporting to the Information Risk Manager for Eastern Europe & Sub Sahara Africa branches, the Information Risk Officer will be responsible for Moscow location support and will cover the following areas: Identify and Access Management including cryptographic administration, Global IT Risk projects support, Implementation of local IT Regulatory requirements. This individual should be responsible for key technology controls oversight and coordination of establishing evergreen control processes for Moscow. Information Risk Officer will also contribute EMEA IT Risk and Security Management team in execution of Location Risk assessments.
To achieve this outcome the role will need to develop strong working relationships with technology teams, control and compliance functions in Moscow, as well as the Line of Business IRMs covering Moscow location. Successful candidate will be responsible for:

Desired Skills & Experience

Primary Responsibilities:
- Security Administration for local applications and standalone environment
- Cryptography Administration functions in line with local legislation requirements
- JPMorgan Russia On-Line customer cryptographic set-up
- Act as 2nd line support related to cryptographic matters
- Execute awareness for JPMorgan Russia On-Line customers related to antiphishing/ antifraud practices
- Drive IT Risk regulatory related projects (e.g. PI Data law compliance)
- Support Moscow projects from IRM, regulatory and implementation areas
- Respond on IT Risk related queries regarding Moscow
- Support EMEA ITRSM team


Critical:
  • Practical working experience with cryptographic systems employed in financial sector in Russia (e.g. Verba, Validata, Signatura, CryptoPro and etc)
  • Russian qualification in Information Security area (not less then 1000 academic hours)
  • Candidates will have a strong background and experience working in IT and preferably within the financial services sector
  • Experience in IT Risk role/s, preferably supported with appropriate qualifications (CISM, CISSA, CISSP, CRISC or equivalent)
  • Practical working experience with IT risk and control frameworks,
  • Demonstrable understanding of the regulatory compliance environment in Russia
  • Good communication skills, fluent English
  • Self motivated, highly driven to achieve results
Preferred:
  • Experience working in banking IT and Information security sectors
  • Knowledge of industry process, control and risk frameworks, e.g. ITIL, CoBIT, ISO 27001/2, COSO, CRISC
  • Knowledge of JPMC IT Risk Management Policies and Standards
  • Experience leading business critical projects.
  • Strong analytical, interpretive and problem solving skills

Company Description

J.P. Morgan's Corporate & Investment Bank is a global leader across banking, markets and investor services. The world's most important corporations, governments and institutions entrust us with their business in more than 100 countries. With $18 trillion of assets under custody and $393 billion in deposits, the Corporate & Investment Bank provides strategic advice, raises capital, manages risk and extends liquidity in markets around the world. Further information about J.P. Morgan is available at www.jpmorgan.com.

JPMorgan offers an exceptional benefits program and a highly competitive compensation package.

JPMorgan is an Equal Opportunity Employer

Please apply via the link below or go to our website and apply to job number: 130027267 -www.jpmorgan.com/careers

Tidak ada komentar:

Posting Komentar