Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

JPMorgan Third Party Oversight - Risk Application Security Vice President 
United States, Ohio, Columbus 
242749381

31.08.2024

As an Application Security Expert, in Corporate Third Party Oversight you will ensure consistent and effective end-to-end risk management program is in place globally for third party-hosted applications. You will influence internal and external stakeholders to inform and ultimately mitigate third party application risk across the firm.

Job Responsibilities

  • Drive the transformation agenda, including business justification and program build out.
  • Partner with internal risk teams to support business as usual risk activities, reporting and project initiatives.
  • Ensure risk impacting the business is effectively identified, quantified, communicated and remediated
  • Influence supplier adoption of the product vision, roadmap, and risk control objectives
  • Operationalize the Third Party Software Bill of Materials (SBOM) program

Required qualifications, capabilities, and skills

  • 5+ years of experience in Third Party Risk Management (TPRM) or Governance, Risk Management, and Compliance (GRC), Cybersecurity, Application Security, Cloud Security Architecture (SaaS, PaaS & IaaS) within a large enterprise level environment
  • 3+ years of experience using a broad set of technologies (e.g., servers, operating systems, applications, databases, hypervisors, virtualization management, containers, compute, storage, etc.)
  • Strong leadership skills, ability to multitask, sense of ownership, attention to detail and quality, and deliver on commitments
  • Understanding of Secure Software Development Life Cycle (SSDLC) (e.g., coding requirements, risk assessments, threat modeling, static code analysis, and dynamic application scanning)

Preferred qualifications, capabilities, and skills

  • Certification in Public Cloud Technology from major Cloud Service Provider
  • Experience with Software Bill of Materials (SBOM)
  • CISSP, CISA, CISM, CCSP or CRISC certification