Associate, Supplier Assurance Services

The Supplier Assurance Services (SAS) team performs comprehensive risk assessments of suppliers within JPMC’s Corporate Third Party Oversight (CTPO) program.  SAS also supports JPMC’s Cybersecurity and Technology functions by designing and implementing controls and processes to further enhance the security posture of JPMC’s supply chain.  SAS is part of Global Supplier Services (GSS), reporting directly to JPMC’s Global Head of Corporate Third Party Oversight.

Job Summary

As an Associate, within the Supplier Assurance Services (SAS) Process Assurance team, you will perform quality review of Third-Party Assessment as per Process Assurance process and ensuring that applicable SAS operational procedures and standards are followed within Assessment operations. You will evaluate documentation against suppliers’ infrastructure, application, and control environments. This role also involves a high degree of stakeholder engagement and support to SAS Global Assessment Operations.

Job responsibilities 

• Drive and perform end to end quality review of Third-Party Assessment as per Process Assurance process in line with the operational procedures and standards.
• Assist the execution of the Assessments and control documentation as per standards, ensuring appropriate documentation and in compliance with program guidelines and standards. Also, challenging information provided to support the control design and operating effectiveness for TPRM Controls and escalate areas of concern and non-compliance to upper management.
• Identify trends, common quality issues and partner with supplier control assessment operations to enhance quality of supplier control assessments.
• Develop and deliver education/best practices with peers and colleagues, as well as global hubs and actively participate in strategic and tactical initiatives for global operations. Interfacing with regional hubs/operational leads and support for governance policies and program initiatives implementation.
• Contribute to and follow-up of internal and external audits or any regulatory initiatives regarding Third Party Oversight where required.
• Identify opportunities for automation opportunities and leveraging Artificial Intelligence for process improvement to deliver operational efficiency in the process.

• Support administration updates for the firm's supplier assessment system of record and support for various record hygiene related tasks.

  
  

  Required qualifications, capabilities, and skills

  
  
• 8+ years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network, Security, Cyber Resiliency and Third Party Outsourcing Risk Management within a large enterprise level environment.
• Good understanding of relevant aspects of the Third-Party Oversight and Supplier Assurance Programs, lifecycle, execution best practices and supplier risk awareness.
• Experience working in Supplier Management, Risk and Controls Management, Technology Audit, or Information Security team(s).

• Strong written and verbal presentation skills at the senior management level

  
  

  Preferred qualifications, capabilities, and skills 

  
  
• CISSP, CISA, CISM, CCSP or CRISC certification is a plus

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.