CCOR Tech & Cyber EMEA Outsourcing - VP

JP Morgan

Location: Dorset

Job Type: Full time


The most difficult thing is the decision to act, the rest is merely tenacity.
- Amelia Earhart

J.P. Morgan –Technology & Cybersecurity Outsourcing – VP – UK

JPMorgan Chase is a leading global financial services firm with assets of $2.5 trillion and operations in more than 60 countries. The firm is a leader in investment banking, commercial banking, financial services for small business and consumers, financial transaction processing, asset management and private equity.

About Technology & Cybersecurity CCOR

CCOR Technology & Cybersecurity (“CCOR Tech & Cyber”) is a group within the Compliance, Conduct and Operational Risk (CCOR) organization and is responsible for the design and oversight of the 2nd Line of Defence independent risk management program for technology and cybersecurity risks, leveraging the Operational Risk Framework, regulatory guidance and laws, rules, and regulations.

CCOR Tech & Cyber is seeking a talented candidate for a Vice President position in Technology & Cybersecurity Operational Risk (“Tech & Cyber ORM”) team. The Tech & Cyber ORM team is responsible for the successful implementation and execution of the CCOR Tech & Cyber framework and provides 2nd Line of Defense challenge and oversight to the technology and cybersecurity partners. It also plays a critical role in key initiatives, oversight of programs and regulatory dialogue.

The position reports to the Technology & Cyber CCOR EMEA Lead for Outsourcing & Resiliency Risk and represents an excellent opportunity for a candidate to:

  • Drive the development of the operational risk management practice for Outsourcing across all lines of business within EMEA in a fast-paced and growing business environment
  • Partner with the local and global teams across Compliance, Conduct and Operational Risk (CCOR) organization and line of business operational risk managers to evaluate Outsourcing risk.
  • Work closely with the business teams and stakeholders to evaluate risks and controls associated with Outsourcing, engaging with the implementation of the Firmwide Outsourcing Frameworks across EMEA.
  • Provide a view of the Outsourcing Risks to share with key stakeholders
  • Review Outsourcing risks control design, effectiveness and transformation programs.
  • Develop knowledge in technology and cybersecurity

Key responsibilities include:

  • Challenge & Oversight – provide challenge and oversight of Outsourcing, working with the 1st line teams, executing monitoring and testing activities and completing second line risk assessments.
  • Review of Key Risk and Metrics – review and challenge of risks, metrics and analytics as part of on-going oversight.
  • Continuous Monitoring – perform oversight of operational risks through participation in governance forums, major change management programs, point-in-time issue escalation, industry and regulatory meetings, internal strategic programs and review of internal operational risk events.
  • Significant Event Reviews – review significant events over a defined economic threshold, including but not limited to, examination of event and resolution, metrics, escalations, reporting, and comparison against independent assessment results.
  • Key Risk and Performance Indicators & Analytics - Governance of Key Performance Indicators including analysis of trends, outliers and underlying drivers; also includes support for the quarterly firm-wide Qualitative Operational Risk Appetite process
  • Stay abreast of EU Industry news and regulatory developments to facilitate a proactive approach to risk identification and mitigation.


  • Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required.
  • Experience in technology and operational risk oversight within the financial services industry highly desired.
  • Strong experience in technology resilience oversight and operational risk oversight with experience within the financial services industry highly desired
  • Understanding of technology risk management and control principles with a proven ability to anticipate and identify risks and effective mitigating actions.
  • Adept at developing relationships with strong stakeholder management skills with the confidence to take ideas forward and to challenge others, where appropriate
  • Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results with a high level of professionalism, self-motivation, and integrity
  • Bachelor’s Degree in Computer Science, Computer Engineering, Engineering, Information Security or related field; post-graduate degree a plus
  • Professional certifications such as CISSP, CCSP, CISA, CISM, CRISC are beneficial
You’ve got this!