JPMorgan Third Party Oversight - Risk Application Security Vice President 

United States, Ohio, Columbus 

242749381

As an Application Security Expert, in Corporate Third Party Oversight you will ensure consistent and effective end-to-end risk management program is in place globally for third party-hosted applications. You will influence internal and external stakeholders to inform and ultimately mitigate third party application risk across the firm.

Job Responsibilities

• Drive the transformation agenda, including business justification and program build out.
• Partner with internal risk teams to support business as usual risk activities, reporting and project initiatives.
• Ensure risk impacting the business is effectively identified, quantified, communicated and remediated
• Influence supplier adoption of the product vision, roadmap, and risk control objectives
• Operationalize the Third Party Software Bill of Materials (SBOM) program

Required qualifications, capabilities, and skills

• 5+ years of experience in Third Party Risk Management (TPRM) or Governance, Risk Management, and Compliance (GRC), Cybersecurity, Application Security, Cloud Security Architecture (SaaS, PaaS & IaaS) within a large enterprise level environment
• 3+ years of experience using a broad set of technologies (e.g., servers, operating systems, applications, databases, hypervisors, virtualization management, containers, compute, storage, etc.)
• Strong leadership skills, ability to multitask, sense of ownership, attention to detail and quality, and deliver on commitments
• Understanding of Secure Software Development Life Cycle (SSDLC) (e.g., coding requirements, risk assessments, threat modeling, static code analysis, and dynamic application scanning)

Preferred qualifications, capabilities, and skills

• Certification in Public Cloud Technology from major Cloud Service Provider
• Experience with Software Bill of Materials (SBOM)
• CISSP, CISA, CISM, CCSP or CRISC certification