Supplier Assurance Services - Vice President (Cybersecurity)

Location: Metro Manila, National Capital Region, Philippines

Job Family: Operating Risk & Control Mgt

About the Role

At JP Morgan Chase, we are at the forefront of financial services innovation, and our Operating Risk & Control Management team plays a critical role in safeguarding our global operations. As a Supplier Assurance Services Vice President (Cybersecurity) based in Metro Manila, Philippines, you will lead the evaluation of technology and cybersecurity controls within our suppliers' environments. This role is pivotal in ensuring that our extensive network of third-party providers meets the stringent security standards required in the banking sector, protecting sensitive financial data and maintaining trust with our clients worldwide. You will report to the Head of Supplier Risk and collaborate with teams across Asia-Pacific and global hubs to mitigate risks from cyber threats, supply chain disruptions, and regulatory non-compliance. In this leadership position, you will design and implement robust assessment programs that scrutinize suppliers' IT systems, data encryption practices, and incident response capabilities. Drawing on your expertise in financial services regulations, you will identify potential weaknesses—such as unpatched vulnerabilities or inadequate access controls—and recommend actionable remediation strategies. Your work will directly support JP Morgan Chase's commitment to operational resilience, especially in a region like the Philippines where we are expanding digital banking services. Expect to engage with diverse stakeholders, from supplier executives to internal compliance officers, fostering a culture of proactive risk management. We value professionals who thrive in dynamic, high-stakes environments and are passionate about cybersecurity in finance. This role offers the opportunity to influence enterprise-wide policies while advancing your career in one of the world's leading financial institutions. Join us to contribute to a secure and innovative future for JP Morgan Chase.

Key Responsibilities

• Lead comprehensive technology and cybersecurity control assessments of supplier environments to ensure compliance with JP Morgan Chase standards
• Develop and execute risk assessment methodologies tailored to financial services suppliers, identifying vulnerabilities in IT infrastructure and data handling
• Collaborate with cross-functional teams including procurement, legal, and IT to mitigate supplier-related risks
• Prepare detailed reports and recommendations for senior management on supplier cybersecurity postures and remediation plans
• Monitor ongoing supplier performance against security controls and regulatory requirements
• Conduct due diligence reviews for new supplier onboarding, focusing on cybersecurity maturity
• Drive continuous improvement in supplier assurance processes, incorporating emerging threats like ransomware and supply chain attacks
• Provide training and guidance to junior team members on cybersecurity assessment best practices
• Ensure alignment with JP Morgan Chase's enterprise risk management framework and global policies
• Liaise with external auditors and regulators to support compliance in the Philippines and international operations

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of 8-10 years of experience in cybersecurity, risk management, or supplier assurance within the financial services industry
• Proven track record in leading technology and cybersecurity control assessments for third-party suppliers
• Strong understanding of regulatory frameworks such as GDPR, PCI-DSS, and SOX relevant to financial institutions
• Experience in conducting risk assessments and audits in a global banking environment
• Professional certifications such as CISA, CISSP, or CRISC
• Ability to travel occasionally for supplier site visits or assessments

Preferred Qualifications

• Advanced degree (Master's or MBA) in Cybersecurity or Risk Management
• Experience working with JP Morgan Chase or similar large financial institutions on supplier risk programs
• Knowledge of cloud security assessments (e.g., AWS, Azure) for financial suppliers
• Familiarity with AI-driven threat detection tools in supplier environments
• Prior leadership role in a global team focused on operational risk and control management

Required Skills

• Cybersecurity assessment and auditing
• Risk management frameworks (e.g., NIST, ISO 27001)
• Third-party vendor risk evaluation
• Regulatory compliance in financial services
• IT infrastructure analysis (networks, cloud, endpoints)
• Report writing and stakeholder communication
• Project management and leadership
• Analytical problem-solving
• Knowledge of threat modeling and vulnerability scanning tools
• Data privacy and protection expertise
• Cross-functional collaboration
• Attention to detail and ethical judgment
• Adaptability to evolving cyber threats
• Proficiency in tools like Nessus, Qualys, or similar
• Strong presentation and negotiation skills

Benefits

• Competitive base salary and performance-based annual bonus
• Comprehensive health, dental, and vision insurance coverage
• Retirement savings plan with company matching contributions
• Generous paid time off, including vacation, sick leave, and parental leave
• Professional development opportunities, including tuition reimbursement and access to JP Morgan's learning platforms
• Employee stock purchase plan and financial wellness programs
• Flexible work arrangements, including hybrid options in Metro Manila
• On-site fitness centers, wellness programs, and employee assistance services

JP Morgan Chase is an equal opportunity employer.