Join us to shape the future of cybersecurity and resilience. You will lead impactful initiatives that safeguard our organization and drive continuous improvement. Your expertise will empower us to proactively identify and address risks, ensuring we stay ahead in a rapidly evolving threat landscape. We value your ability to collaborate, influence, and deliver results that matter. Discover opportunities for growth and make a difference with us.

Job Summary:
As an Assessments & Exercises Director in the Cybersecurity Testing & Controls (CTC) team, you will lead efforts to strengthen our cybersecurity and resiliency posture. You will plan and implement testing engagements to identify risks and vulnerabilities across people, processes, and technology. Your experience in conducting assessments across diverse systems will help us resolve complex cyber and resiliency risks. By analyzing and articulating vulnerabilities, you will enable us to enhance our security strategy and mitigate risks.

Job Responsibilities:

• Develop and implement operational plans and strategies that align with organizational objectives
• Lead risk-driven testing and simulations, including penetration tests, technical controls assessments, cyber exercises, and resiliency simulations
• Create comprehensive assessment reports with actionable recommendations and communicate outcomes to leadership
• Escalate thematic trends in observations and report on controls effectiveness and operational risk
• Influence and partner with cross-functional teams to drive continuous improvement through data-driven decisions
• Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, and industry best practices
• Lead engagement with internal and external stakeholders, including industry peers and government agencies, to share insights and contribute to policy development

Required Qualifications, Capabilities, and Skills:

• Demonstrated ability to implement complex assessments or exercises collaboratively with diverse stakeholders, subject matter experts, and senior leaders
• Strong understanding of the current threat landscape and resiliency concerns, as well as relevant laws, regulations, policies, and ethics
• Expertise in security assessment methodologies, threat intelligence utilization, control evaluation techniques, or resiliency testing
• Experience developing and presenting briefings to senior leaders and large audiences, facilitating meetings, resolving conflicts, and providing program updates to senior leaders, regulators, and industry groups

Preferred Qualifications, Capabilities, and Skills:

• BS/MS degree in Cyberspace, Homeland Security, Emergency Management, Information Assurance, or Banking/Finance
• Relevant industry certifications such as CISSP, CISM, or OSCP, demonstrating advanced expertise in cybersecurity and offensive testing methodologies or resiliency
• Familiarity with US and key international financial systems

---

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

---

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.

---

Drive innovative security strategies and resilience initiatives to advance the firm’s cybersecurity posture.