Tech Risk Assurance - Third Party Lead
JPMorganChase
Opportunity to shape risk culture and ensure technological safeguards in a dynamic, collaborative environment.
As a Tech Risk Assurance - Third Party Lead in Cybersecurity Technology & Controls, you will lead expert technical risk assurance and control oversight to ensure the firm's products and lines of business achieve their objectives while effectively managing risk. Utilizing your background in technology risk management, you will work with cross-functional teams to identify, assess, and mitigate emerging risks and vulnerabilities. Your tactical and strategic decision-making will significantly impact the firm's operations, financial management, and public image. You will play a crucial role in fostering a robust risk culture and catalyzing continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.
Job responsibilities
- Lead efforts to strengthen the firm’s third-party risk assessment and control environment, identifying areas for improvement and advising on control implementation to mitigate thematic risks.
- Advise stakeholders on risk management, controls development, and adherence to mitigate risks.
- Proactively monitor key risk indicators, analyze control metrics, and offer insights on risk management effectiveness to senior management, driving continuous improvement initiatives.
- Collaborate with Control Owners to establish and uphold clear cyber, technology, and data control requirements for all third-party relationships.
- Influence, drive, and oversee the efficient execution of third-party assurance programs, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance, while continuously updating requirements to address evolving threats and regulatory changes.
- Engage with regulators, clients, and stakeholders on risk-related issues and provide necessary oversight, ensuring compliance with laws, regulations, and internal policies.
- Act as a liaison to Global Supplier Services, Tech Risk and Controls, Product Security, Business Control Managers, and GRC leads to foster a collaborative approach to third-party risk management.
- Partner with legal and procurement teams to ensure contracts with third-party vendors include robust cybersecurity and data protection provisions.
Required qualifications, capabilities, and skills
- 8+ years of experience in third-party risk management, cybersecurity, technology risk, or related disciplines and a Bachelor’s degree in Information Security, Cybersecurity, Risk Management, Business Administration, or related field; Master’s degree preferred.
- Experience in a highly regulated industry (e.g., financial services, healthcare) is strongly preferred.
- Deep understanding of third-party risk management frameworks, cybersecurity controls, and regulatory requirements (e.g., OCC, FFIEC, GDPR, ISO 27001, NIST).
- Proficiency in data security, risk management and controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies.
- Proven ability to lead cross-functional teams, influence senior stakeholders, and drive strategic initiatives.
- Demonstrated ability to manage complex programs and projects, prioritize competing demands, and deliver results in a fast-paced environment.
- Advanced knowledge of data analytics and data literacy to uncover actionable insights and support business decision-making.
- Experience working with legal and procurement teams to negotiate and strengthen contractual provisions related to cybersecurity and data protection.
- Demonstrated experience utilizing a range of GRC (Governance, Risk, and Compliance) and data analytics platforms, such as Archer, ServiceNow, Alteryx, Tableau, and QlikView.
Preferred qualifications, capabilities, and skills
- Certified Risk and Information Systems and Controls (CRISC) certification
- Certified Third Party Risk Professional (CTPRP)
- Certified Regulatory Vendor Program Manager (CRVPM)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Other relevant certifications
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
Lead in tech risk assurance and control oversight at an iconic financial firm, ensuring risk management aligns with objectives.