Associate, Third-Party Assessments

Short description:

Join a team which drives and performs end to end quality review of Third-Party Assessments and assist the execution of the Assessments.

Posting description

The Supplier Assurance Services (SAS) team performs comprehensive risk assessments of suppliers within JPMC’s Corporate Third-Party Oversight (CTPO) program. SAS also supports JPMC’s Cybersecurity and Technology functions by designing and implementing controls and processes to further enhance the security posture of JPMC’s supply chain. SAS is part of Global Supplier Services (GSS), reporting directly to JPMC’s Global Head of Corporate Third-Party Oversight.

In this role you will support Global Assessment Operations and help to perform quality review of Third-Party Assessment as per Process Assurance process and ensuring that applicable SAS operational procedures and standards are followed within Assessment operations. You will evaluate documentation against suppliers’ infrastructure, application, and control environments. This role also involves a high degree of stakeholder engagement.

Process Assurance Team is comprised of highly skilled and enthusiastic Information security professionals whose mission is to support to shape the future of Third-Party cybersecurity assessments for JPMC.

Job responsibilities:

• Drive and perform end to end quality review of Third-Party Assessment as per Process Assurance process in line with the operational procedures and standards.
• Assist the execution of the Assessments and control documentation as per standards, ensuring appropriate documentation and in compliance with program guidelines and standards. Also, challenging information provided to support the control design and operating effectiveness for TPRM Controls and escalate areas of concern and non-compliance to upper management.
• Identify trends, common quality issues and partner with supplier control assessment operations to enhance quality of supplier control assessments.
• Develop and deliver education/best practices with peers and colleagues, as well as global hubs and actively participate in strategic and tactical initiatives for global operations. Interfacing with regional hubs/operational leads and support for governance policies and program initiatives implementation.
• Contribute to and follow-up of internal and external audits or any regulatory initiatives regarding Third Party Oversight where required.
• Identify opportunities for automation to reduce manual intervention for various data related process and Identify opportunities for process improvement to deliver operational efficiency in the process.
• Support administration updates for the firm's supplier assessment system of record and support for various record hygiene related tasks.

Required qualifications, capabilities, and skills:

• 5-9 of years’ experience in Risk Management, Technology Risk & Controls, Technology Audit, and Third-Party Outsourcing Risk Management within a large enterprise level environment either in control delivery, control review, operations, or assessment capabilities
• Good understanding of relevant aspects of the Third-Party Oversight and Supplier Assurance Programs, lifecycle, execution best practices and supplier risk awareness.
• Experience working in Supplier Management, Risk and Controls Management, Technology Audit, or Information Security team(s).
• Problem-solving attitude and take the initiative when the opportunity arises and ability to demonstrates initiative with proven flexibility, adaptability, and reliability.
• Demonstrated technical understanding of pertinent business areas.
• Sound judgment, learning agility, and an elevated level of professional and personal integrity.
• Effective communication (written and verbal) and social skills; ability to effectively interact with senior/executive management.

Preferred qualifications, capabilities, and skills:

• CISSP, CISA, CISM, CCSP or CRISC certification or similar is a plus.
• Background in technology Audit, Quality Review, Governance, risk, and compliance

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.