At a Glance
- Tasks: Lead third-party cybersecurity assessments and evaluate supplier security postures.
- Company: Join a leading firm in cybersecurity and technology controls.
- Benefits: Competitive salary, professional development, and opportunities for career advancement.
- Other info: Dynamic role with a focus on innovation and strategic risk management.
- Why this job: Make a significant impact on cybersecurity by ensuring supplier safety and resilience.
- Qualifications: 10+ years in cybersecurity with expertise in architecture and cloud environments.
The predicted salary is between £100,000 and £130,000 per year.
As an Executive Director within the Cybersecurity and Technology Controls (CTC) Assessments & Exercises function, you will serve as the senior technical authority for third-party cybersecurity assurance. You will bring deep, hands-on expertise in cybersecurity architecture, cloud security, and enterprise control frameworks to critically evaluate the control maturity of the firm's most complex and strategically significant suppliers. Reporting to the Global Third-Party Assurance Lead, you will help to elevate the technical rigor, depth, and credibility of third-party assurance outcomes. You will translate complex technical findings into clear, business-relevant risk insights for senior stakeholders across Cybersecurity, Technology, Risk, and the Business, and will act as a trusted escalation point for the most technically challenging assessments.
Job Responsibilities
- Provide authoritative technical leadership across third-party cybersecurity assessments, bringing deep expertise in cybersecurity architecture, cloud-native and hybrid environments, application security, and enterprise control domains.
- Lead and personally conduct in-depth technical evaluations of supplier cybersecurity posture, control maturity, and architectural resilience, particularly for the firm's most critical and complex third-party relationships.
- Perform threat modelling against supplier environments to identify potential security risks and develop mitigation strategies tailored to the firm's risk appetite.
- Evaluate supplier security architectures across public cloud providers (AWS, Azure, Google Cloud), assessing the design and effectiveness of controls in cloud-native, hybrid, and on-premises environments.
- Act as the senior technical escalation point for complex supplier risks, control gaps, and remediation strategies, providing credible challenge and expert advisory input.
- Drive the evolution of the third-party assurance methodology by embedding deeper technical assessment capabilities, including architecture reviews, threat modelling, and cloud security posture evaluation.
- Translate complex technical cybersecurity risks and supplier control deficiencies into clear, actionable, business-relevant insights for senior leadership and non-technical audiences through detailed reports, presentations, and other appropriate methods.
- Partner with Product Security, Cybersecurity Architecture, Technology Risk & Controls, and Cybersecurity pillar leads to ensure alignment in control intent, solution design, and third-party risk remediation.
- Lead thematic analysis to identify systemic technical weaknesses, emerging risks, and trends across the supplier landscape, and recommend strategic remediation approaches.
Required Qualifications, Capabilities, and Skills
- 10+ years of professional experience in cybersecurity, with significant depth in senior technical and/or architecture-focused positions.
- Proven ability to assess and articulate the cybersecurity control maturity of complex technology environments, including enterprise, cloud-native, and hybrid architectures.
- Deep, hands-on expertise in cybersecurity architecture, threat modelling, and designing or evaluating secure controls for enterprise-level solutions.
- Strong understanding of industry cybersecurity frameworks and key control domains (e.g., NIST CSF, ISO 27001, FFIEC, SOC 2, GDPR).
- Thorough design and operational experience across one or more major public cloud providers (AWS, Azure, Google Cloud), with relevant certifications advantageous.
- Proficiency with Cloud Security Posture Management (CSPM) tools and cloud security assessment methodologies.
Assessments & Exercises Director - Third Party Assurance in Bournemouth
Employer: JPMorganChase
Contact Detail:
JPMorganChase Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Assessments & Exercises Director - Third Party Assurance in Bournemouth
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cybersecurity field. Attend industry events, webinars, or even local meetups. The more people you know, the better your chances of landing that dream job.
✨Tip Number 2
Show off your expertise! Create a portfolio showcasing your work in cybersecurity architecture and assessments. This could be case studies, presentations, or even blog posts. Let potential employers see what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on your technical knowledge and soft skills. Be ready to discuss complex topics like threat modelling and cloud security in a way that’s easy to understand. Practice makes perfect!
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Keep an eye on our job postings and make sure your application stands out by tailoring it to the role.
Some tips for your application 🫡
Show Your Expertise: Make sure to highlight your deep hands-on expertise in cybersecurity architecture and cloud security. We want to see how your experience aligns with the role, so don’t hold back on showcasing your skills!
Be Clear and Concise: When translating complex technical findings into business-relevant insights, keep it straightforward. We appreciate clarity, so use simple language that even non-technical folks can understand.
Tailor Your Application: Don’t just send a generic application! Tailor your CV and cover letter to reflect the specific requirements of the Assessments & Exercises Director role. We love seeing candidates who take the time to connect their experience with our needs.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at JPMorganChase
✨Know Your Stuff
Make sure you brush up on your cybersecurity architecture and cloud security knowledge. Be ready to discuss specific frameworks like NIST CSF or ISO 27001, and have examples of how you've applied these in past roles. This will show that you’re not just familiar with the concepts but can also implement them effectively.
✨Prepare for Technical Questions
Expect deep technical questions about threat modelling and control maturity assessments. Prepare to explain your thought process when evaluating supplier security architectures, especially in cloud environments. Practising with a friend or colleague can help you articulate your expertise clearly.
✨Translate Tech Speak
Since you'll need to communicate complex findings to non-technical stakeholders, practice translating technical jargon into business-relevant insights. Think about how you would present a risk assessment to senior leadership and prepare a few key points that highlight your ability to bridge the gap between tech and business.
✨Showcase Your Leadership Skills
As an Executive Director, demonstrating your leadership capabilities is crucial. Be prepared to share examples of how you've led teams or projects, particularly in challenging situations. Highlight your experience in driving methodology evolution and how you've influenced others in your previous roles.