Apply on Employer Site

Chase · 1 month ago

Tech Risk Assurance - Third Party Lead

575 Washington Blvd, Jersey City, NJ, 07310, US

Full-time

Onsite

Senior Level, Lead/Staff

$142K/yr - $190K/yr

8+ years exp

Chase is a leading financial services firm, and they are seeking a Tech Risk Assurance - Third Party Lead to enhance their risk culture and ensure technological safeguards. The role involves leading technical risk assurance and control oversight, working with cross-functional teams to manage risks and vulnerabilities effectively.

BankingFinancial Services

Responsibilities

Lead efforts to strengthen the firm’s third-party risk assessment and control environment, identifying areas for improvement and advising on control implementation to mitigate thematic risks

Advise stakeholders on risk management, controls development and adherence to mitigate risks

Proactively monitor key risk indicators, analyze control metrics, and offer insights on risk management effectiveness to senior management, driving continuous improvement initiatives

Collaborate with Control Owners to establish and uphold clear cyber, technology, and data control requirements for all third-party relationships

Influence, drive, and oversee the efficient execution of third party assurance programs, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance, while continuously updating requirements to address evolving threats and regulatory changes

Engage with regulators, clients, and stakeholders on risk-related issues, provide necessary oversight, ensuring compliance with laws, regulations, and internal policies

Act as a liaison to Global Supplier Services, Tech Risk and Controls, Product Security, Business Control Managers, and GRC leads to foster a collaborative approach to third-party risk management

Partner with legal and procurement teams to ensure contracts with third-party vendors include robust cybersecurity and data protection provisions

Qualification

Third-party risk managementCybersecurity controlsRegulatory complianceData analyticsRisk management frameworksContract negotiationCross-functional leadershipAnalytical thinkingStakeholder influenceContinuous improvementProject managementCommunication skillsTeam collaborationProblem-solvingFast-paced adaptability

Required

Obtain 8+ years of experience in third-party risk management, cybersecurity, technology risk, or related disciplines and a Bachelor's degree in Information Security, Cybersecurity, Risk Management, Business Administration, or related field; Master's degree preferred

Experience in a highly regulated industry (e.g., financial services, healthcare) is strongly preferred

Deep understanding of third-party risk management frameworks, cybersecurity controls, and regulatory requirements (e.g., OCC, FFIEC, GDPR, ISO 27001, NIST)

Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies

Proven ability to lead cross-functional teams, influence senior stakeholders, and drive strategic initiatives

Demonstrated ability to manage complex programs and projects, prioritize competing demands, and deliver results in a fast-paced environment

Advanced knowledge of data analytics and data literacy to uncover actionable insights and support business decision-making

Experience working with legal and procurement teams to negotiate and strengthen contractual provisions related to cybersecurity and data protection

Demonstrated experience utilizing a range of GRC (Governance, Risk, and Compliance) and data analytics platforms, such as Archer, ServiceNow, Alteryx, Tableau, and QlikView