Apply Now    

Corporate Third Party Oversight – Head of Supplier Assurance Services - MD

Req #: 180013605
Location: Jersey City, NJ, US
Job Category: Accounting/Finance/Audit/Risk
Job Description:

The JPMorgan Chase Corporate Third Party Oversight (CTPO) team is responsible for developing, deploying, overseeing and ongoing reporting of a program that ensures the effective use of third parties to accomplish JPMorgan Chase's strategic goals.  This includes building awareness of the program at the firm and ensuring consistency globally across both the LOB's and corporate groups.  It also includes understanding and dissemination of regulatory requirements and reporting to regulators on the program and status.  The major focus of the program is to ensure our vendors are performing to the same high standards that JPMorgan Chase holds itself accountable to including client service, quality, control, regulatory compliance, business resiliency and protection of information. 


As the Head of Supplier Assurance Services (SAS), you will oversee all external supplier assessment for the firm, including IT risk, operational risk and supplier-hosted application risk. You will maintain a service oriented relationship with key leaders in the business units which you support (e.g. Technology Control Officers, Business Control Officers, Chief Information Officers, etc.). You will set strategic direction and manage a team of 130+ who execute risk assessments and provide risk management interpretations at a supplier level. This role will ensure that the firmwide schedule of 2,000+ control assessments are appropriately prioritized and managed and that risks are effectively communicated to stakeholders. You will lead the summarization and communication of supplier risk at an executive level as well as managing overall remediation activities. You will participate in activities supporting the overall health and efficiency of supplier risk management and seek opportunities to drive improvements, helping to maintain a best in class operating model. Participation in regulatory efforts and special projects as required. This role reports into the Global Head of CTPO and will be based in Jersey City, NJ.

  • Overseeing the risk assessment, remediation and monitoring of IT, operational and supplier-hosted application risks associated with suppliers supporting the firm, in alignment with corporate policies & practices
  • Providing superior service delivery & support to the clients (i.e. Technology Control Officers, Cybersecurity leaders, etc.)
  • Supporting LOB stakeholders and Supplier Oversight Services staff in identification, classification, and decommissioning of suppliers as necessary
  • Maintaining executive level engagement that clearly highlights risks, remediation activities, and recommendations for all corporate functions and LOBs
  • Managing External Assessor relationships ensuring that service delivery and quality standards are consistently maintained (outsourced assessments)
  • Developing and maintaining External Assessor forecast and associated accounting accruals
  • Closely manage operations and risk through KPIs/KRIs
  • Creating and escalating unacceptable supplier risks for swift address by senior management
  • Management of the assessment team as a business, with a focus on building a center of excellence, through effective & efficient processes, talent management, and actively managed costs, SLAs and KRIs
  • Partnering with CTPO, IT Risk, Operational Risk and Sourcing colleagues to manage vendor performance, vendor spend and vendor risk in a holistic manner
  • Management of a firmwide supplier assessment team with 130+ resources, including training, development, performance & talent management, and succession planning
  • Develop, test & implement processes, tools & metrics, to enhance productivity and supplier risk posture
  • Participating & influencing industry dialogue to promote common best practices, as well as interface with regulators, as necessary
  • Engage with senior LOB stakeholders to provide executive briefings on their portfolio health
  • Ensure all TPO activities within the portfolio are delivered in a manner consistent with business objectives, TPO policy and regulatory guidance
  • Act as primary liaison between the SAS team and all control partners (e.g. Oversight & Control, Compliance, Audit, etc.). 

  • 10+ years experience in IT Risk management, audit or equivalent
  • Ability to effectively lead a geographically diverse team
  • Ability to develop leaders within the team and enabling growth opportunities
  • Executive-level verbal and written communication skills, including the ability to effectively lead discussions and meetings
  • Superior organizational skills with an ability to multitask effectively
  • Proficient technical skills, including: audit, business analysis, change management, IT risk management, operation systems and data sources knowledge, performance metrics and reporting, technical problem resolution, project management, and vendor management.
  • Proficient working knowledge within the following risk domains/technologies:
    • Database and application security
    • IDS/IPS technologies
    • System/Access Administration
    • Firewall technologies
    • Network Architecture
    • Security Event Logging & Monitoring
    • Key Management/Tokenization
    • Database/Application/Network Layer Secure Protocols
    • Physical and Environmental Security
    • Secure Software/Code Development
    • Change Management
    • Vulnerability Management
  • IT Risk Management/Audit industry certification (such as CISSP, CISA,CRISC, etc.) a plus
  • Masters degree preferred, Bachelors degree required or equivalent technical experience
  • Proven leader and influencer and able to effect firm-wide change
  • Must be a strategic thinker that can design a 'best in class' program in a timely manner
  • Ability to partner closely with related functions (Sourcing, Legal & Compliance, Audit, etc.) to ensure a coordinated and effective program

Apply Now    
Link for schema

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Other Information

Apply Using LinkedIn

You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.

Submit an Updated Résumé

During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.