Cloud Resiliency Risk and Control Architect
TheCybersecurity & Technology Controls group at JPMorgan Chase aligns thefirm's cybersecurity, access management, controls and resiliency teams. Thegroup proactively and strategically partners with all lines of business and functions to enable them todesign, adopt and integrate appropriate controls; deliver processes andsolutions efficiently and consistently; and drive automation of controls. Thegroup's number one priority is to enable the business by keeping the firm safe,stable and resilient.
Workingas an Architect, your passion for technology and thirst for innovation willhelp shape the future of global digital commerce, now and for years to come.Every day, you'll bring critical day-to-day leadership and thinking to thetable, working with teams of architects, aligning cross-functional projects,ensuring that they're within reason, fiscally and technically. You'llcollaborate with internal teams and business leaders alike, creatingstrategically sound Target State Architectures. You will have a major say inbudgeting, hiring, mentoring, setting priorities and fostering a client-centricenvironment where everyone learns and grows. At the end of the day, your workwill have tremendous and positive impact, whether it's in-house, in collaborationwith technologists across JPMorgan Chase & Co.'s global technologycommunity or in partnership with some of the most important tech firms in theworld.
Cyber Production Management and Resiliency (PM&R) exists to strengthen ourIT resiliency and recovery capabilities to ensure the firm's compliance withglobal laws and regulations as they relate to resiliency risk and to improvethe availability and resiliency capabilities of our critical applications andinfrastructure.
Execution and delivery is achievedthrough active collaboration with other control areas within the firm (Line ofBusiness Tech Controls, Global Technology Infrastructure, etc.) to safeguardand protect the firm's assets and reputation. Current key focal areas include
- Development of the firmwide Internal and External Cloud Provider and Services resiliency controls
- Developing a firmwide Resiliency and Recovery strategy related to Cybersecurity threats
- Coordination of technology resiliency regulatory and audit activities to and improve action plans and reporting
- Enhance strategic Data Center disaster recovery test planning, execution and reporting processes
- Proactive scans and resiliency design reviews to identify availability, capacity, configuration and performance issues and prevent or minimize loss of data and extended recovery times
- Partnering with LOB and Corporate Functions to ensure consistent and comprehensive implementation of technology resiliency policies and standards across all regions
Reporting to the Cloud ControlsTechnology Director, this role represents an opportunity to transform the waythat one of the world's largest financial and banking organizations managestechnology resiliency and recovery.
The Cloud Resiliency Risk andControls Architect Lead will:
- Design and Develop Resiliency Risk and Controls framework aligned to Cloud based applications including controls assessment and testing criteria supporting Internal, External/Public, and Hybrid Cloud providers, services.
- Develop availability, resiliency and recovery standards, patterns and best practices based on Cloud based technologies and services
- Conduct application risk and controls reviews and assessments with a specific focus on the availability and recovery of services hosted within the Private and Public Cloud environments.
- Work with Risk and Control owners to ensure all required controls are in place to support Internal, External and Hybrid Cloud solutions
- Oversee the resolution of improvement action plans arising resiliency reviews and assessments
- Develop and updated resiliency and recovery planning/testing polices and standards to align to Internal and External Cloud solutions and provider offerings
Thisrole requires a wide variety of strengths and capabilities, including:
- BS/BA degree or equivalent experience
- Expertise inapplication, data and infrastructure architecture disciplines
- Fluency inarchitecture and design across all systems
- Knowledge inat least one area of technical architecture
- Strategicthinking and passion for business strategy and business processes
- Experience inrisk and risk control compliance
- Ability to work collaboratively in teams anddevelop meaningful relationships to achieve common goals
- Recentexperience managing a company's adoption and transition to external Cloudprovider model, including specific experience related to the following:
Desirable Qualifications & Skills:
- Amazon (AWS), Microsoft Azure, Google Cloud Services
- Application Classification and Candidate Migration Assessment
- Data Classification and Migration Candidate Assessment
- Risk and Controls Assessment/Development
- Operations/Support Model Development and Transformation
- Network and Core Services Design and Transformation
- Subject matter expert in business/service continuity, availability, disaster recovery and/or similar topics
- Global Regulatory Requirements assessment related to Use of Cloud services
- Significant experience in Traditional and Cloud based IT systems architectures & designs
- Analytical; able to work back to first principles or perform root cause analysis
- More than 10 years of industryexperience in cloud technologies and should have worked as an architect for atleast 3-5 years expertise on cloud platform - Hybrid Cloud Environment
- Ability to provide IAAS, SAAS, PAASbased designing solution to on-premise components
- Hands-on development, design and architecture for multiple clients over the experience years.
- Experience on architecting and designing and end to end solution on Cloud (Iaas, Saas, Paas) for customers.
- Interface with Senior Management to develop, refine and execute the cloud strategy and roadmap
- Experience with Containers, Kubernetes, DevOps, CI/CD pipeline across Private and Public cloud.
- Experience architecting High Available applications across internal and external cloud providers
- CBCP/CFCP or CISSP/CRISC/CISM or equivalent industry certifications
- Knowledge of industry-standard risk/control frameworks: ITIL, COSO, NIST, COBIT
- Understanding of technology controls within technology environment in a financial organization
- Architectural skills including design documentation, diagrammatical representations, requirements management
- Hands on Cloud based development or production support with Broad understanding of range of different technologies including operating systems, databases, development tools, end user, networking, security, datacenters, virtualization and also application development lifecycle
- Experience in working with geographically distributed and culturally diverse stakeholders
- Ability to work in dynamic environment and manage change effectively
Whenyou work at JPMorgan Chase & Co., you're not just working at a globalfinancial institution. You're an integral part of one of the world's biggesttech companies. In 20 technology centers worldwide, our team of 50,000technologists design, build and deploy everything from enterprise technologyinitiatives to big data and mobile solutions, as well as innovations inelectronic payments, cybersecurity, machine learning, and cloud development.Our $10B+ annual investment in technology enables us to hire people to createinnovative solutions that will are transforming the financial servicesindustry.
At JPMorgan Chase & Co. we value the uniqueskills of every employee, and we're building a technology organization thatthrives on diversity. We encourageprofessional growth and career development, and offer competitive benefits andcompensation. If you're looking to buildyour career as part of a global technology team tackling big challenges thatimpact the lives of people and companies all around the world, we want to meetyou.