This listing has expired and therefore is not publicly viewable.

Third Party Risk Management Controls Design Lead
Company JP Morgan Chase & Co
Location Plano, TX or Columbus, OH
Preferred GIAC Certifications GSTRT, GSLC, GCPM, GSNA, or GCCC
Travel 10%
Salary Not provided
Contact Name Anonymous
Contact Email donotemail/at/
Expires 2022-08-13

Job Description

The Third Party Risk Management Controls Design Lead position will report to the Global Head of SAS Governance and will be responsible for the development, implementation and oversight of supplier cybersecurity and operational controls designed to meet regulatory and internal business requirements. This includes interfacing with SAS leads across the globe as well as internal and external partners and organizations such as CTPO Risk and Controls, the TruSight supplier control assessment utility and others. In addition, this resource will provide coverage for Supplier Assurance Services and Corporate Third Party Oversight in key oversight and governance forums, as appropriate. Additional responsibilities include, but are not limited to the following:

Partner with CTPO Risk and Controls, SAS Operations and others to help ensure supplier cybersecurity and operational control sets are appropriately inclusive of third party risk
Apply input from key stakeholders and partners on the strategic direction of supplier cybersecurity and operational controls to include those control sets provided by the TruSight supplier control assessment utility
Lead and support the testing/regression testing and implementation of supplier cybersecurity and operational control sets and adjacent processes
Drive additional relationships with Global Supplier Services (GSS), CTPO and Technology teams to ensure seamless interaction across all functions
Participate in management efforts as a key representative of SAS Governance, where applicable, that will enhance the SAS strategy and partnerships across the businesses
Interact with Internal Audit, Compliance and Operational Risk Oversight as needed
Foster supplier control assessment execution efficiencies for our assessors and suppliers through straightforward design of question sets
Foster innovation in suppler control design strategy
Partner with CTPO and SAS Governance regional resources to ensure that geographic regional needs are considered in the supplier control strategy
Act as an influencer and advocate for the holistic supplier assessment program

7+ years of experience in a cybersecurity, technology controls, information security, technology audit, technology compliance, third party risk management or technology outsourcing discipline
Proven experience of working in a highly matrixed, global environment in financial services or technology firms
Proven track record of both strategic thinking along with thoughtful execution
Demonstrated knowledge of assessment processes, including the identification and classification of risk
Strong executive presence, with proven ability to effectively interact with all levels of organizational leadership
Bachelor’s degree in a relevant discipline required
Possession of an active security or information risk certification ( e.g. CISA, CISSP, CISM, CRISC, etc.)
Ability to travel when required.