Join the Supplier Assurance Services (SAS) team and play a pivotal role in safeguarding JPMC’s global supply chain. As part of Global Supplier Services (GSS), SAS leads the execution of comprehensive risk management and assessment programs for all in-scope suppliers under JPMC’s Corporate Third-Party Oversight (CTPO) program. Our team also drives key initiatives that support the Cybersecurity and Technology (CTC) function, implementing robust controls and processes to strengthen JPMC’s security posture. Reporting directly to JPMC’s Global Head of Corporate Third-Party Oversight, SAS supports all Lines of Business and regions worldwide, offering you the opportunity to make a meaningful impact across the organization.

As the Supplier Assessment Operations (Onboarding) Hub Lead on the Global Supplier Services team, you will oversee a regional team within a global assessment delivery function, responsible for executing over 1,700 supplier assessments annually across all risk tiers and regions. In this role, you will ensure that critical controls—including cybersecurity and technology—are thoroughly evaluated using established risk management frameworks. Reporting to the Global Head of Supplier Assurance Services, you will play a key part in firmwide supplier assurance activities. Success in this position requires a collaborative and innovative approach, with a focus on driving efficient, timely, and comprehensive onboarding assessment operations on a global scale.

Job Responsibilities

• Lead the delivery of comprehensive supplier onboarding assessments assigned to the hub, demonstrating a strong execution mindset and the ability to engage and influence stakeholders at all levels.
• Build and maintain effective relationships with line of business leaders to understand their priorities and align initiatives that drive impactful business outcomes.
• Influence cross-functional teams and senior stakeholders to achieve key business objectives.
• Identify opportunities for innovation and continuous improvement, delivering measurable value to the business. Collaborate with policy and governance teams to integrate new capabilities into the existing control assessment framework.
• Communicate business impact, progress, and results clearly and effectively to executive leadership and key stakeholders.
• Identify and support key talent development opportunities, such as training and seminars, to ensure the assessment organization remains industry-leading.
• Represent Supplier Assurance Services at regional governance and change control forums, as well as external industry forums where appropriate.
• Possess comprehensive knowledge of global and regional Third-Party Risk Regulatory requirements and industry-standard risk frameworks, with the ability to communicate effectively with internal and external audit, risk managers, and regulators in various settings, including one-on-one meetings, committee sessions, and formal presentations.
• Attract, develop, coach, and retain a high-performing onboarding assessment operations team of subject matter experts to drive an effective supplier onboarding assessment operating model across JPMC.
• Demonstrate a positive, visible, and collaborative leadership style, celebrating team achievements and fostering an environment where everyone’s talents are respected and valued.

Required Qualifications, Capabilities and Skills

• 10+ years of experience in Cybersecurity or Technology Controls disciplines, including global operations delivery
• 8+ years of experience in information technology risk management and third-party outsourcing risk management, encompassing risk identification, classification, and remediation.
• Strong knowledge and hands-on experience in one or more technology domains, including Data Security, Infrastructure Security, Endpoint/Platform Security, Security Analytics, Authentication/Identity Management, Mobile Security, Application Security, Network Security, Cyber Resiliency, Incident Management, and Cloud Security.
• Solid understanding of industry risk frameworks such as NIST and ISO 27001.
• Extensive experience managing global operations and building and leading high-performance teams.
• Proven ability to debate issues with senior decision makers and provide constructive pushback when necessary.
• Exceptional written and verbal presentation skills, with experience communicating at the senior management level across various business groups.

Preferred qualifications, Capabilities and Skills

• Experience in managing large, complex third-party assessment operations portfolios, preferably with large multinational banks or financial institutions.
• Prefer Financial Services industry experience.
• Experience with program management processes, such as developing business cases and managing budgets.
• Possessing one or more Information Security certifications, such as CISSP, CISA, CISM, CCSP, or CRISC is a plus.
• Bachelor’s Degree Required, Master’s Degree Preferred.