Menu

Supplier Assurance Services - Third Party Cyber Risk Expert,

at JPMorgan Chase in Newark, Delaware, United States

Job Description

Seeking proven expert to deliver cyber risk assessments of a third party’s cyber, cloud, emerging technologies, and overall controls.

The Supplier Assurance Services (SAS) team is accountable for executing the global Third Party Risk Management (TPRM) program including Governance, Risk Management, and Compliance (GRC) within firm’s Corporate Third-Party Oversight (CTPO) program. The Strategic Assessments Team within SAS is responsible for performing cyber risk assessments for new Third Party or supplier initiatives.

Additional responsibilities include:

+ Identifying opportunities to improve Third Party risk posture and developing creative solutions for mitigating risks

+ Liaising with firm’s stakeholders and Third Party’s senior managers to influence decisions

+ Driving compliance to the firm’s Minimum Control Requirements (MCRs)

As a Third Party Cyber Risk Expert, the day to day responsibilities will be to execute assessments to ensure controls are implemented, risks are identified, and remediations are documented. This includes:

+ Partnering with multiple Line of Business (LOB) to implement new initiatives that comply with firm’s MCRs

+ Ensuring completeness of questionnaires and supporting field work materials

+ Leading supplier onsite or virtual assessments and providing cybersecurity and risk expertise

+ Identifying control breaks or vulnerabilities

+ Documenting findings, compensating controls and residual risks

+ Working with the Delivery Manager and Information Security Manager to resolve issues through Action Plans (APs) or approved Risk Acceptances (RAs)

+ Discovering opportunities for improving a supplier’s risk posture

+ Supporting education and best practices by sharing with colleagues

Qualifications:

+ 5-7 years of experience in Third Party Risk Management (TPRM) or Governance, Risk Management, and Compliance (GRC), Cybersecurity, Application Security, Cloud Security Architecture (SaaS, PaaS & IaaS) within a large enterprise level environment

+ 5-7 years of experience using a broad set of technologies (e.g., servers, operating systems, applications, databases, hypervisors, virtualization management, containers, compute, storage, etc.)

+ Understanding of network and host-based security technologies, including firewalls, web application firewalls, intrusion detection/prevention, data loss detection/prevention, threat protection, anti-malware, file integrity monitoring, configuration management, etc.

+ Understanding of security testing methods and technologies, including penetration testing, web application security assessments, vulnerability assessments, etc.

+ Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity

+ Understanding of industry risk frameworks (e.g., ISO27001, NIST, MITRE ATT&CK, etc.)

+ Proficient verbal and written communication skills, including the ability to independently and effectively participate in strategic collaborations with peers across the firm and influence senior management decisions

+ Strong project management skills with an ability to multitask effectively and deliver on commitments

+ Proficient with Microsoft applications (e.g., Word, Excel, Outlook, Visio, OneNote, SharePoint, Teams, etc.)

+ Cloud architect certifications (e.g., AWS, Azure, or Google Cloud, etc.) preferred

+ Bachelor’s degree in a relevant discipline preferred

+ CISSP, CISA, CISM, CCSP or CRISC certification preferred

+ Ability to travel at least 25% of the time

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the \“WELL Health-Safety Rating\” for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.

As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. These requirements may include sharing information in the firm’s vaccine record tool, vaccination or regular testing, mask wearing, social distancing and daily health checks. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests.

Equal Opportunity Employer/Disability/Veterans

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the “WELL Health-Safety Rating” for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.

As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. Full vaccination is a requirement for this role for new hires joining JPMorgan Chase . Additional requirements include sharing information including your vaccine card in the firm’s vaccine record tool and may include mask wearing and social distancing. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests as required by applicable law.

Note: The requirement to be fully vaccinated to be hired for this role does not apply to roles with a work location in Arkansas, Florida, Iowa, Montana, and Te

Copy Link

Job Posting: JC201592343

Posted On: Jan 09, 2022

Updated On: Mar 22, 2022