Oferta pracy

SAS Supplier Control Assessor ICB Team Lead

J.P. Morgan Poland Services sp. z o.o.

J.P. Morgan Poland Services sp. z o.o.

aleja Jana Pawła II 19

Wola

Warszawa

Your responsibilities

  • The SAS Supplier Control Assessor ICB Team Lead must be collaborative, innovative, and must be willing to drive an assessment operation that is global in nature, that focuses on on-time, efficient, yet complete delivery of supplier assessment and risk management activities. A successful candidate must be able to demonstrate the following capabilities:

  • Deliver comprehensive on-boarding supplier technology and cybersecurity control assessments for the ICB business, Strong delivery, and execution mindset with the ability to engage and influence at all levels.

  • Influence and support Key Performance Indicators (KPIs) across the assessment operations.

  • Organization, and identify and implement efficiencies and process improvements, where applicable.

  • Identify key talent development opportunities, including training, seminars, etc., and work with appropriate teams to ensure assessment organization is the best in the industry.

  • Leverage talent effectively, including both internal assessors as well External Assessment organizations, ensuring workload is properly balanced across teams and regions.

  • Respond to ad hoc inquiries about assessment status, including findings and reports, and be able to explain identified risks across 19+ different control domains.

  • Attract, build, coach and retain Warsaw and Manila assessment operations team of key subject matter experts who possess similar talent that will assist with driving an effective assessment operating model across JPMC.

  • Demonstrate a positive, visible, and collaborative approach to leadership, where team accomplishments are celebrated and rewarded, and everyone’s talents are respected and embraced.

  • Lead the onsite / virtual assessment, providing the overall IT and cybersecurity risk and controls expertise.

  • Identify control breaks and vulnerabilities within supplier’s IT environment.

  • Document findings and work with the LOB Delivery Manager, Information Security Manager to resolve those findings through action plans (APs) or seek risk acceptance (RA) approvals.

  • Support internal education and best practices sharing with peers and colleagues, as well as third party education & awareness, as needed

Our requirements

  • Experience in managing operations, building, and leading cross regional high-performance teams

  • 5-8 years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS) and Third Party Outsourcing Risk Management within a large enterprise level environment.

  • 5-8 years of work experience in one or more areas of infrastructure (e.g., UNIX, Windows), databases (e.g., DB2, Oracle, SQL Server) and networks is required.

  • Understanding of industry risk frameworks (ISO27001, NIST etc.)

  • Strong written and verbal presentation skills at the senior management level

  • CISSP, CISA, CISM, CCSP, CRISC certification is a plus

  • Experience debating issues with senior decision makers and pushing back when necessary.

  • Strong written and verbal presentation skills at the senior management level across various business groups

As the SAS Supplier Control Assessor ICB Team Lead, you will be accountable for the SAS ICB on-boarding supplier assessment team in Warsaw and Manila, and responsible for delivering approx. 400 supplier assessments annually, at all risk tiers, across all regions. This role has operational component responsible for performing technical risk and control assessments of supplier environments, but also is responsible for ensuring that key controls, including cybersecurity and technology controls, are properly assessed using prescribed risk management frameworks. This position will report to the Global Head of Third Party Assessment Operations. The SAS Supplier Control Assessor ICB Team Lead must be collaborative, innovative, and must be willing to drive an assessment operation that is global in nature, that focuses on on-time, efficient, yet complete delivery of supplier assessment and risk management activities.

Description

The Supplier Assurance Services (SAS) team is accountable for executing the global comprehensive risk management and assessment programs for all in-scope suppliers within JPMC’s Corporate Third-Party Oversight (CTPO) program. SAS is also accountable for driving several programs that support the Cybersecurity and Technology (CTC) function, including implementing and operating controls and processes that further enhance the security posture of JPMC’s supply chain. The Supplier Assurance Services (SAS) team is part of Global Supplier Services (GSS), reporting directly to JPMC’s Chief Procurement Officer. The SAS team supports all Lines of Businesses (LOBs), and regions globally.

As the SAS Supplier Control Assessor ICB Team Lead, you will be accountable for the SAS ICB on-boarding supplier assessment team in Warsaw and Manila, and responsible for delivering approx. 400 supplier assessments annually, at all risk tiers, across all regions. This role has operational component responsible for performing technical risk and control assessments of supplier environments, but also is responsible for ensuring that key controls, including cybersecurity and technology controls, are properly assessed using prescribed risk management frameworks. This position will report to the Global Head of Third Party Assessment Operations.