Global Supplier Services -Third Party Application Security Vice President

Location: Newark, DE, United States

Job Family: General Management & Ops

About the Role

At JPMorgan Chase, we are at the forefront of redefining the future of financial services through innovation and security. As a Vice President in Global Supplier Services - Third Party Application Security, you will play a pivotal role in safeguarding our vast ecosystem of third-party applications that power our banking, investment, and asset management operations. Based in our Newark, DE office, you will promote robust security initiatives, ensuring that vendor integrations align with Chase's stringent risk management standards and regulatory obligations in the financial industry. This position demands a strategic thinker who can bridge technology, compliance, and business needs to protect sensitive client data and maintain trust in our global operations. Your core responsibilities will include leading risk assessments for third-party applications, developing security policies tailored to fintech environments, and collaborating with cross-functional teams to mitigate vulnerabilities. You will drive the implementation of secure development practices across supplier partnerships, monitor emerging threats like those in cloud-based financial tools, and contribute to incident response strategies that uphold Chase's reputation as a leader in secure banking. By fostering a culture of security awareness, you will help ensure that our third-party ecosystem supports seamless, safe services for millions of customers worldwide. JPMorgan Chase offers an inclusive environment where your expertise can thrive, backed by world-class resources and a commitment to professional growth. This role is ideal for a seasoned cybersecurity professional passionate about the intersection of finance and technology, providing opportunities to influence enterprise-wide security strategies in one of the world's largest financial institutions.

Key Responsibilities

• Lead the Third Party Application Security program, promoting security initiatives across JPMorgan Chase's global supplier ecosystem
• Conduct risk assessments and vulnerability analyses for third-party applications integrated into Chase's financial platforms
• Develop and enforce security policies, standards, and controls for vendor applications to ensure compliance with banking regulations
• Collaborate with procurement, legal, and technology teams to evaluate and onboard secure third-party solutions
• Monitor and report on security posture of supplier applications, identifying and mitigating potential threats to financial data
• Drive awareness and training programs on third-party security best practices for internal stakeholders
• Partner with global teams to align security initiatives with Chase's enterprise risk management framework
• Investigate security incidents involving third-party applications and recommend remediation strategies
• Stay abreast of industry trends and regulatory changes impacting third-party risks in financial services
• Contribute to the continuous improvement of the Global Supplier Services security governance model

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field; advanced degree preferred
• Minimum of 8-10 years of experience in cybersecurity, with at least 5 years focused on third-party risk management in financial services
• Proven track record in developing and implementing application security programs for vendor ecosystems
• Deep knowledge of regulatory requirements such as GDPR, PCI-DSS, and SOX in the banking sector
• Experience with risk assessment methodologies and tools for third-party applications
• Strong understanding of secure software development lifecycle (SDLC) and DevSecOps practices
• Ability to collaborate with cross-functional teams including legal, compliance, and IT in a large financial institution

Preferred Qualifications

• CISSP, CISM, or CRISC certification
• Experience working in a global financial institution like JPMorgan Chase
• Familiarity with cloud security architectures (e.g., AWS, Azure) for third-party integrations
• Prior leadership role in supplier risk management programs
• Knowledge of emerging threats in fintech and blockchain applications

Required Skills

• Expertise in application security testing (e.g., SAST, DAST)
• Proficiency in risk management frameworks like NIST or ISO 27001
• Strong analytical and problem-solving abilities
• Excellent communication and stakeholder management skills
• Knowledge of encryption, authentication, and access control mechanisms
• Experience with security tools such as OWASP ZAP, Burp Suite, or similar
• Understanding of API security and microservices architecture
• Project management skills for leading security initiatives
• Familiarity with compliance auditing in financial environments
• Technical proficiency in scripting languages (e.g., Python, Bash)
• Ability to handle confidential information with integrity
• Leadership and team collaboration in high-stakes settings
• Adaptability to evolving cybersecurity threats
• Data analysis for risk reporting and metrics
• Strategic thinking for long-term security program development

Benefits

• Competitive base salary and performance-based annual bonus
• Comprehensive health, dental, and vision insurance plans
• 401(k) retirement savings plan with generous company match
• Paid time off including vacation, sick days, and parental leave
• Professional development opportunities through JPMorgan Chase's learning programs
• Employee stock purchase plan and financial wellness resources
• On-site fitness centers and wellness programs at select locations
• Flexible work arrangements and hybrid work options in Newark, DE

JP Morgan Chase is an equal opportunity employer.