Global Supplier Services - Associate

Bring your expertise to JPMorgan Chase, a global leader in financial services committed to innovation, integrity, and making a positive impact.

As part of our Third Party Application Security (TPAS) program within Corporate Third Party Oversight (CTPO), you'll be at the heart of our mission to keep the firm's supply chain strong and resilient.

Here, you'll help anticipate and address new and emerging risks in third party software, cloud environments, and AI systems-using your skills to solve real-world challenges that affect our company, partners, and communities.

As a Third Party Application Security Associate within the Third Party Application Security (TPAS) program, you'll play a pivotal role in protecting JPMorgan Chase's supply chain.

You'll lead efforts to monitor and strengthen third party applications by assessing Software Bill of Materials (SBOMs), Artificial Intelligence Bill of Materials (AI BOMs), and cloud security controls.

In this fast-paced environment, you'll engage directly with suppliers, analyze risk data, and track remediation efforts.

You'll collaborate with stakeholders across Lines of Business, Technology, Cybersecurity, and Cloud Engineering to streamline security assessments and validate controls-making a tangible impact on the security and resilience of our organization.

Job Responsibilities


* Assess, verify, and develop processes to gather and analyze third party application security data, including Software Bill of Materials (SBOMs), AI Bill of Materials (AI BOMs), and cloud security controls.


* Proactively engage with suppliers to encourage timely remediation of identified issues.


* Adapt and thrive in a rapidly evolving technology landscape by quickly learning new security frameworks and emerging standards.


* Continuously monitor controls to ensure supply chain security.


* Drive continuous improvement by identifying and implementing opportunities to processes, tools, and overall program.

Required Qualifications, Capabilities, and Skills


* Experience: 2+ years in application security, third party risk management, or cloud security within a financial services or technology environment.


* Analytical Mindset: Ability to understand security requirements, regulatory drivers, and a curiosity that looks for the story behind the data.


* Control Focused: Detail-oriented approach to verifying the accuracy of security assessments and underlying data, especially in large and complex environments.


* Tech-Savvy: Proficiency in Microsoft Office (especially Excel), and familiarity with security assessment tools, SBOM/AI BOM standards, and cloud security platforms (e.g., AWS, Azure, GCP).


* Team Player: Excellent interpersonal skills to work seamlessly within a team and communicate across various departments, both written and verbal.


* Multitasker: Ability to juggle multiple priorities and meet tight deadlines with exceptional organizational skills.


* Innovator: Capab...