Join our team to ensure a consistent and effective risk management program globally for third party-hosted applications.
As an Application Security Expert, in Corporate Third Party Oversight you will ensure consistent and effective end-to-end risk management program is in place globally for third party-hosted applications. You will influence internal and external stakeholders to inform and ultimately mitigate third party application risk across the firm.
Job Responsibilities
- Drive the transformation agenda, including business justification and program build out.
- Partner with internal risk teams to support business as usual risk activities, reporting and project initiatives.
- Ensure risk impacting the business is effectively identified, quantified, communicated and remediated
- Influence supplier adoption of the product vision, roadmap, and risk control objectives
- Operationalize the Third Party Software Bill of Materials (SBOM) program
Want more jobs like this?
Get jobs in Bonifacio Global City, Philippines delivered to your inbox every week.
Required qualifications, capabilities, and skills
- 5+ years of experience in Third Party Risk Management (TPRM) or Governance, Risk Management, and Compliance (GRC), Cybersecurity, Application Security, Cloud Security Architecture (SaaS, PaaS & IaaS) within a large enterprise level environment
- 3+ years of experience using a broad set of technologies (e.g., servers, operating systems, applications, databases, hypervisors, virtualization management, containers, compute, storage, etc.)
- Strong leadership skills, ability to multitask, sense of ownership, attention to detail and quality, and deliver on commitments
- Understanding of Secure Software Development Life Cycle (SSDLC) (e.g., coding requirements, risk assessments, threat modeling, static code analysis, and dynamic application scanning)
Preferred qualifications, capabilities, and skills
- Certification in Public Cloud Technology from major Cloud Service Provider
- Experience with Software Bill of Materials (SBOM)
- CISSP, CISA, CISM, CCSP or CRISC certification
ABOUT US
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
ABOUT THE TEAM
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.