The Cybersecurity Vulnerability Management Response Team at JPMorgan Chase is responsible for the initial vulnerability assessment, impact analysis firmwide, risk assessment, and coordination of critical vulnerabilities affecting our global applications and infrastructure. Operating at the scale of JPMC, the team orchestrates responses that span the entire firm or target specific applications, always balancing risk with our ability to serve clients and customers worldwide.

As an Executive Director in Cybersecurity Vulnerability Management, you will provide strategic leadership and vision for the firm’s vulnerability management operations. You will drive the development and execution of global response strategies, ensuring the highest standards of security and resiliency across our technology estate. Your decisions and guidance will directly influence the firm’s risk posture and safeguard our clients, customers, and assets.

You will be a part of a high-performing team of experts, fostering innovation and collaboration across Cybersecurity, Technology, and Line of Business partners. Your role will be pivotal in shaping the future of vulnerability management at JPMC, leveraging threat intelligence, advanced analytics, and industry best practices to stay ahead of adversaries and evolving risks.

Responsibilities

As the Vulnerability Management Executive Director, you will:

• Set the strategic direction for vulnerability management operations, aligning with firmwide cybersecurity objectives.
• Oversee the assessment, research, and documentation of new vulnerabilities, ensuring comprehensive analysis and timely response.
• Lead the validation of proof-of-concept exploits and confirm mitigation/remediation activities.
• Provide executive-level risk analysis and exposure assessments to senior leadership and stakeholders.
• Define and approve firmwide remediation strategies and vulnerability ratings.
• Champion the development and global training of vulnerability management personnel, building a world-class team.
• Integrate regional operations in partnership with global leads, driving consistency and excellence.
• Foster innovation, continuously evolving the Vulnerability Management mission and capabilities.
• Represent the firm in external forums, engaging with industry partners, regulators, and vendors to advance our security posture.
• Collaborate with senior technology management, risk and control functions, and product owners to ensure alignment and effective execution.

Qualifications

• Minimum of 10+ years’ experience in Cybersecurity leadership roles, with deep expertise in vulnerability management or cybersecurity operations.
• Experience in incident management, cyber response methodologies, and command & control practices at scale.
• Knowledge of cyber scanning tools (Qualys, Aqua, Snyk, Crowdstrike) and security analytics platforms (Splunk, Jupiter Notebooks)
• Strong technical background, including Python development, database management (SQL, ORM, APIs), and experience with Agile methodologies and Jira.
• In-depth understanding of major vendor products/applications (Oracle, Adobe, Microsoft), including product lifecycle and release management.
• Exceptional strategic thinking, problem solving, and decision-making skills, with the ability to prioritize and manage complex initiatives.
• Demonstrated experience leading global teams in a large enterprise environment.
• Bachelor’s degree required; advanced degree preferred.
• Outstanding communication and stakeholder management skills, with the ability to influence at the executive level.