Apply Now    

GSS | SAS - Issue / Break Management Analyst - 601

Req #: 180009985
Location: Warsaw, MZ, PL
Job Category: Credit
Job Description:
Supplier Assurance Services / Control Issues & Break Mgmt / Job Description
SAS Issue/Break Mgmt Analyst (One 601 FTE)
Location – Poland
The Supplier Assurance Services organization is part of the JPMC Global Supplier Services (GSS) / Corporate Third Party Oversight (CTPO) organization. The SAS team provides IT risk management oversight on third party service providers in accordance to JPMorgan Chase (JPMC) Third Party Oversight (TPO) Standards and Global Technology Standards.  The SAS Shared Service team supports number of Line of Businesses (LOBs), including Mortgage Banking (MB), Corporate Sector Functions and Technology (CS) and Consumer & Business Banking (CBB), Corporate & Investment Bank (CIB) and Asset Management (AM).
In order to improve Supplier Assurance Services’ organization and drive efficiency, we are implementing some changes to the way we operate by establishing a Central Office that will interface with GSS/CTPO leadership and functions around the firm, and be fully dedicated to planning, business management, management reporting, stakeholder management and executive matters. 
As part of this centralized function, the Assessment Operations Center will be established to standardize and centralize assessment support and operational tasks – as a shared-service utility supporting all assessments (CRA, ACA, and SORA).
The Control Issue / Break Mgmt team will improve quality and standardize the approach to supplier control issues across SAS.  This team will be responsible for:
  • Manage entire issue lifecycle
  • Identify trends / common issues to resolve and improve training focus areas
  • Manage control issues/breaks (opening, description, severity justification, documentation, closure) in line with approved SAS procedures/guidance
  • Partner with IT assessors on addressing common issue challenges
As a SAS Control Issue / Break Mgmt Analyst within this group your day to day responsibilities will be to manage the standardization, creation and closure of IT controls issues identified as part of the IT and Operational risk assessments and control breaks identified from the application security assessments (ie. CRA, ACA, and SORA) to improve the overall issue quality and articulate the risk to the business due to the supplier control breaks.  This includes:
  • Understand all aspects of the supplier risk assessment processes
  • For IT & Operational Assessments and ACAs issues and non-compliance acceptances, manage entire issue lifecycle (identification, creation, modifications, extensions, and validate closure evidence) as per SAS Handbook.
  • Ensure high rated issues are escalated as necessary to the owning business and RCSA.
  • Conduct analysis of common supplier issues in order to develop issue and remediation guidance
  • Partner with IT and Operational assessors to understand the control issues and breaks identified as part of the assessment process.
  • Develop guidelines and templates in order to standardize common issues and controls breaks.
  • Document control issues and breaks following SAS guidance and tools
  • Ability to understand and articulate the risk to the business due to a supplier control issue or break
  • Ability to review supplier closure evidence to determine if issue resolution and risk mitigation.
  • Identify opportunities for process improvements to deliver increasing operational efficiency in the issue & break mgmt. processes.
  • Identify opportunities for improving third party risk posture as well as JPMC's third party risk management processes, including expanded monitoring, KRI tracking, etc.
  • Develop key performance indicators to track progress, along with success criteria
  • Support internal education and best practices sharing with peers and colleagues, as well as third party education & awareness, as needed
  • 3-5 years of experience in Information Technology within a large enterprise level environment.
  • 3-5 years of experience in Supplier Management, Risk Management, Technology Audit function or Information Security Risk
  • 3-5 years of experience in a Quality Control or Quality Assurance function is a plus
  • 3-5 years of experience in issue lifecycle management
  • Strong understanding of Supplier IT and Operational risk.
  • Complete understanding of IT control policies.
  • Excellent verbal communication skills
  • Strong written and verbal presentation skills at the senior management level across various business groups
  • CISSP, CISM/CISA or CRISC certification is a plus
About J.P. Morgan Chase & Co:
J.P. Morgan serves one of the largest client franchises in the world. Our clients include corporations, institutional investors, hedge funds, governments and affluent individuals in more than 100 countries. J.P. Morgan is part of JPMorgan Chase & Co. (NYSE: JPM), a leading global financial services firm with assets of $2.1 trillion.  The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity. A component of the Dow Jones Industrial Average, JPMorgan Chase serves millions of clients and consumers under its JPMorgan and Chase, and WaMu brands.
J.P. Morgan offers an exceptional benefits program and a highly competitive compensation package.
J.P. Morgan is an Equal Opportunity Employer
Apply Now    
Link for schema

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Other Information

Apply Using LinkedIn

You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.

Submit an Updated Résumé

During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.