SAS Governance & Stakeholder Management - EMEA Lead
Location: Greater London
Job Type: Full time
The Third Party Operations and Controls (TPOC) team is responsible for developing, deploying, overseeing and ongoing reporting of a program that drives the effective use of suppliers to accomplish JPMorgan Chase's strategic goals. This includes building awareness of the program at the firm and ensuring consistency globally across both the Lines of Business (LOBs) and corporate groups. It also includes understanding and dissemination of regulatory requirements and reporting to regulators on the program and status. The major focus of the program is to ensure our vendors are performing to the same high standards that JPMorgan Chase holds itself accountable to including client service, quality, control, regulatory compliance, business resiliency and protection of information.
The Supplier Assurance Services (SAS) team is part of the JPMC Third Party Operations and Controls (TPOC) Organization. The team provides risk management oversight for suppliers in accordance to JPMorgan Chase (JPMC) Third Party Oversight (TPO) Standards. The SAS team supports all Lines of Businesses (LOBs), and regions globally.
As the Supplier Assurance Services Regional Lead, this position will report functionally to the Global Head of Supplier Assurance Services and directly to the Head of EMEA Corporate Third Party Oversight (CTPO) based in London, and will be accountable for execution of supplier assessments within the region. This includes interfacing with Supplier Assurance Services leads across the globe, and internal partner organizations such as Cybersecurity and Technology Controls, the Regional Chief Information Officer (CIO), and others. This role will partner with the EMEA Head of CTPO, and others in the CTPO team to ensure a joined up approach across the functions. The lead will also partner with external organizations, including regulators, to appropriately steer the Supplier Assurance Services strategy, in conjunction with the CTPO governance team. In addition, this resource will provide coverage for Supplier Assurance Services and Corporate Third Party Oversight in key oversight and governance forums within the region, in partnership with the stakeholder management team as appropriate. Additional responsibilities include, but are not limited to the following:
- Oversee the management of third party onsite and remote assessments, including those specialized assessments considered as alternate processes
- Ensure oversight of the regional teams covering process assurance and issue management, as well as SAS operations.
- Partner with appropriate organizations to implement technology-based solutions to provide continuous assessment services
- Partner with Cybersecurity and Technology product and control owners to ensure all control frameworks area appropriately inclusive of third party risk
- Apply input from partners and key stakeholders on the strategic direction of SAS function
- Drive additional relationships with Global Supplier Services (GSS) and CTPO teams to ensure seamless interaction across all functions
- Partner with EMEA CTPO lead on various in-region efforts, providing coverage and escalation support where necessary
- Participate in multiple management efforts as a key representative of SAS, where applicable, that will enhance the SAS strategy and partnerships across the businesses
- Interact with Internal Audit, Compliance, Operational Risk Oversight, and external regulators as needed
- Drive regional SAS projects, and regional participation in global projects for SAS and more broadly across CTPO where relevant.
- Lead and support the implementation of EMEA CTPO and SAS Operating Model and Strategy
- Drive assessment execution efficiencies for our assessors and suppliers
- Foster innovation in suppler assessment strategy
- Partner with regional leads to ensure that all geographic regional needs are included in the firmwide outsourcing strategy
- Act as an influencer and advocate for the holistic supplier assessment program
- Motivate the global, matrixed team to consistently evolve to meet the needs of our businesses and technology teams, particularly in region.
- 10+ years of experience in a cybersecurity, technology controls, information security, technology audit, technology compliance, third party risk management or technology outsourcing discipline
- 5+ years of people management experience
- Proven experience of working in a highly matrixed, global environment in financial services or technology firms
- Proven track record of both strategic thinking along with thoughtful execution
- Demonstrated knowledge of assessment processes, including the identification and classification of risk
- Strong executive presence, with proven ability to effectively interact with all levels of organizational leadership
- Bachelor’s degree in a relevant discipline required. Masters Degree preferred
- Possession of an active security or information risk certification ( e.g. CISA, CISSP, CISM, CRISC, etc.)
- Ability to travel when required.