
at J.P. Morgan
Bulge Bracket Investment BanksPosted 14 days ago
No clicks
**Associate, Supplier Cybersecurity Controls Assessor - Bengaluru, India** Review suppliers' security stacks, conduct field work, assess controls, and document remediation plans. Provide cybersecurity risk and controls expertise during onsite/virtual assessments. Identify risks, weaknesses, and opportunities for process improvements. Stay informed about industry threats and adversarial tactics. Bring 8-10 years of experience in Technology, Tech Risk & Controls, Application/Cyber/Cloud/Network Security. Demonstrate advanced knowledge of defensive architectures and incident management techniques. Present risks effectively to senior management. CISSP, CCSP, or similar certifications are preferred. Support JPMC's CTPO and Cybersecurity functions to bolster supply chain security.
- Compensation
- Not specified
- City
- Bengaluru
- Country
- India
Currency: Not specified
Full Job Description
Location: Bengaluru, Karnataka, India
In partnership with internal and external stakeholders, review supplier security stacks and conduct field work to ensure they are complete and meet JPMC expectations.
Provide cybersecurity risk and controls expertise during the onsite / virtual assessment of the supplier controls environment.
Identify cybersecurity risks and weaknesses within suppliers IT and hosted cloud environments and document remediation plans.
Remain informed of the latest cyber risks in the industry and current adversarial tactics, techniques and procedures in order to maximize assessment effectiveness.
Identify opportunities for process improvements to deliver increased operational efficiency and opportunities for improving supplier posture including expanded monitoring, key risk indicator tracking, etc
Required qualifications, capabilities, and skills
8-10 years of experience in Technology, Technology Risk & Controls, Cyber Operations, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network Security, or Cyber Resiliency within a large enterprise-level environment.
Advanced knowledge of cybersecurity operations including defensive architectures and processes to combat adversarial activities
Experience with techniques for incident management, incident handling, incident investigations, root cause analysis, and related processes
Written and verbal presentation skills at the senior management level including ability to describe cyber risks in terms relatable to business stakeholders
Preferred qualifications, capabilities, and skills
CISSP, CCSP or similar certifications are a plus
The Supplier Assurance Services (SAS) team performs comprehensive risk assessments of suppliers within JPMCs Corporate Third Party Oversight (CTPO) organization. SAS also supports JPMCs Cybersecurity and Technology functions by designing and implementing controls and processes to further enhance the security posture of JPMCs supply chain.


