Asset Management – Cyber Security Operation Lead – VP

We are seeking an expert to lead the Information Security Operations team, build, implement and oversee an information security system that is aligned with the company's strategic goals, ensure the company complies with laws, regulations and regulatory requirements, as well as the group's internal control requirements, and effectively manage information security risks.

Job Responsibilities：

1. Security system and strategy mechanism construction:
2. Security operations and incident response:
3. Safety technology guarantee

• Responsible for formulating, reviewing and continuously optimizing the company's information security strategies, systems, standards and processes in accordance with laws, regulations and regulatory requirements, as well as the group's internal control requirements.
• Responsible for the overall planning, construction and operation of the company's information security system.
• Responsible for security risk assessment, regular vulnerability scanning, penetration testing and security audits, and promoting closed-loop rectification.
• Optimize the work framework of the cybersecurity team, formulate and implement plans in a planned and gradual manner, and promote and enhance cybersecurity service capabilities
• Lead the network security operations team to be responsible for 7x24 hours security monitoring, real-time analysis of security alerts, and rapid response, disposal and tracing of security incidents.
• Manage and operate various security devices and systems, including but not limited to firewalls and other network security protection devices and systems;
• Establish and improve emergency response plans for security incidents and organize drills regularly.
• Responsible for the security protection of the company's network, servers, user terminals, applications and data.
• Lead the completion of internal and external audit work.
• Collaborate closely with application development, operation and maintenance, service and other teams to promote the implementation of software code security system.

4. Team Management

• Responsible for the daily management, work arrangements, skills training and echelon building of the information security team.

Required Qualifications, Capabilities, And Skills:

• Proficient in English 
• Bachelor degree or above in computer science, information security or other related majors.
• More than 5 years of working experience in information security, including at least 2 years as a team leader or core member. Candidates with information security experience in the securities and fund industry preferred. Candidates with information security experience in other financial institutions, large technology or internet industries may also be considered.

Technical Capabilities:

• Proficient in network attack and defense technologies, familiar with the principles and prevention measures of common web security vulnerabilities such as OWASP Top 10.
• Have extensive experience in security equipment operation and maintenance, and a deep understanding of the principles of security protection equipment such as firewalls.
• Proficient in Linux/Windows operating system security configuration and hardening.
• Have scripting skills (such as Python/Shell/PowerShell) to automate security tasks.
• Excellent communication and coordination skills, project promotion ability, multi-tasking ability and team leadership ability. Have a strong sense of responsibility and ability to withstand pressure.
• Candidates holding certifications such as CISSP, CISP, CISA, etc. are preferred.

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
   We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.