Third Party Assessment Operations Lead

Job Description

The Supplier Assurance Services (SAS) team is accountable for executing the global comprehensive risk management and assessment programs for all in-scope suppliers within JPMC s Corporate Third Party Oversight (CTPO) program. SAS is also accountable for driving several programs that support the Cybersecurity and Technology (CTC) function, including implementing and operating controls and processes that further enhance the security posture of JPMC s supply chain. The Supplier Assurance Services (SAS) team is part of Global Supplier Services (GSS), reporting directly to JPMC s Chief Procurement Officer. The SAS team supports all Lines of Businesses (LOBs), and regions globally.As the Head of Third Party Assessment Operations for the Bangalore Hub, you will be accountable for the supplier assessment teams in Bangalore, and will be part of a global assessment delivery function, responsible for delivering over 1,500 supplier assessments annually, at all risk tiers, across all regions. This role has an operational component, but also is responsible for ensuring that key controls, including cybersecurity and technology controls, are properly assessed using prescribed risk management frameworks. This position will report to the Global Head of Third Party Assessment Operations, who is accountable for all third party assessment activities at the firmwide level.

• The Head of Third Party Assessment Operations for the Bangalore Hub must be collaborative, innovative, and must be willing to drive an assessment operation that is global in nature, that focuses on on-time, efficient, yet complete delivery of supplier assessment and risk management activities. A successful candidate must be able to demonstrate the following capabilities:
• Deliver comprehensive supplier assessments assigned to the Bangalore assessment operations hub, Strong delivery and execution mindset with the ability to engage and influence at all levels.
• Influence and support Key Performance Indicators (KPIs) across the assessment operations. Organization, and identify and implement efficiencies and process improvements, where applicable.
• Identify key talent development opportunities, including training, seminars, etc., and work with appropriate teams to ensure assessment organization is the best in the industry.
• Drive and mature the collaborative partnership between SAS, TPO, LOB, CTC and External Assessment Organizations ensuring key internal and external stakeholders contribute to the assessment operations processes, including direct participation in assessments, where applicable.
• Partner with various policy and governance teams to build new capabilities into existing control frameworks.
• Leverage talent effectively, including both internal assessors as well External Assessment organizations, ensuring workload is properly balanced across teams and regions.
• Respond to ad hoc inquiries about assessment status, including findings and reports, and be able to explain identified risks across 19+ different control domains.
• Represent Supplier Assurance Services at key regional, governance and change control forums and routines. Including external industry forums where applicable
• Comprehensive knowledge of global Third Party Risk Regulatory requirements and industry standard risk frameworks is a must, the individual is expected to be able to communicate effectively with internal / external audit, risk managers and regulators both verbally and written in a variety of situations, including one to one, committee meetings and formal presentations.
• Leverage tools, such as reporting, dashboards, and other capabilities in order to effectively manage a large global assessment operations book of work.
• Develop an end-to-end understanding of the JPMC CTPO and SAS programs, including how suppliers are tiered, assessed, and how their risks are managed.
• Attract, build, coach and retain Bangalore assessment operations team of key subject matter experts who possess similar talent that will assist with driving an effective assessment operating model across JPMC.
• Demonstrate a positive, visible, and collaborative approach to leadership, where team accomplishments are celebrated and rewarded, and everyone s talents are respected and embraced.

• 6 8 years of experience in one or more Cybersecurity or Technology Controls disciplines including global operations delivery preferably in the Financial Services Industry.
• 6 8 years of experience in information technology risk management, third party outsourcing risk management including risk identification, classification, and remediation.
• 6 8 years of exposure to program management processes, such as building business cases and budget management. Recent exposure to Agile concepts and tools like JIRA and Confluence also preferred.
• Extensive experience in managing regional operations, building and leading high-performance - teams
• Bachelor s Degree Required, Master s Degree Preferred.
• Possessing one or more Information Security certifications, such as CISSP, CISA, CISM, CSSP, or CRISC is a plus.
• Experience debating issues and topics with senior decision makers and pushing back when necessary.
• Strong written and verbal presentation skills at the senior management level across various business groups.

Keyskills :
subject matter expertschange controlrisk managementtechnology riskrisk frameworkssenior managementglobal operationsfinancial servicesprogram managementinformation securityregulatory requirements