CCOR Data Risk Associate

JP Morgan

Location: Dorset

Job Type: Full time


Be brave, not perfect.
- Reshma Saujani

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. JPMorgan Chase & Co. is committed to providing a comprehensive set of benefits choices to meet different employee needs and lifestyles, which include choices such as fully paid parental leave time, health care insurance and retirement benefits.

The Compliance, Conduct and Operational Risk (CCOR) Program sets forth JPMorgan Chase & Co.’s (JPMC’s) second line of defense coverage of compliance, conduct, and operational risk. CCOR establishes policies and standards that set forth the requirements for the Lines of Business (LOBs) and Corporate Functions (CFs) and enables oversight and independent assessment over compliance, conduct, and operational risks inherent within the firm’s activities.

Global Data Risk Management (GDRM) Compliance, which is part of the CCOR, articulates the various requirements from laws, rules and regulations concerning Data Risk. This includes the Data Privacy and Protection regulations, across the globe where JPMC has a business presence. GDRM Privacy Compliance articulate such requirements for LOBs/CFs and enables oversight of Compliance risks associated with Data Privacy and Protection Laws.


The EMEA Compliance Privacy and Data Risk team within GDRM is responsible for providing advisory support and helping the LOBs and CFs in managing the Compliance Risks associated with Privacy and Data Risk regulations. The role will require knowledge of Data Management, Data Privacy and Protection regulations, understanding of the financial services and products, along with an ability to build strong relationships. This Privacy Compliance Risk position will have the following responsibilities overseeing Compliance risks across EMEA:

  • This Privacy Compliance Risk position will have the following responsibilities overseeing Compliance risks across the EMEA region:
  • Provide Compliance advice to the EMEA LOBs/CFs in matters relating to Data Storage, Data Privacy and Protection.
  • Advice on Data Storage requirements, including localization, classification, de-identification, and data safeguarding aspects.
  • Liaise with LOB/CF partners in 1st and 2nd line on Privacy risk and control initiatives (e.g., Risk Identification, Compliance Risk Assessment, and implementation of CORE).
  • Lead training, communication, and awareness efforts for Data Risk aspects including Privacy and Protection.
  • Attend and provide oversight to key Governance forums such as the Data Storage and Localization Forums to guide on Data Storage, Privacy and Data Protection requirements.
  • Act as point of expertise for Compliance Risk, advising business partners and other functional groups on emerging and key risk trends, risk events and issues.
  • Develop, maintain, and review Compliance Policies, Standards and Procedures, that support Data Storage, Privacy and Protection regulations.


  • At least 3 years of experience dealing with GDPR and associated EU Data Privacy regulations required; knowledge of cybersecurity and technology controls (protection and implementation) a plus.
  • Familiarity with international regulations in Data Storage, Data Privacy and Protection to facilitate firmwide discussions, solutions for developing common processes in fulfilling those requirements.
  • Ability to understand Data Storage and Privacy requirements, impact and assessments of privacy risks and their drivers, and to form, articulate and explain views.
  • Ability to provide thought leadership and direct LOBs/CFs in solving for complex and competing Data Storage, Privacy and Protection requirements.
  • Strategic thinker with strong analytical and influencing skills.
  • Strong organizational and multi-tasking skills with demonstrated ability to manage expectations, drive change and deliver results in a fast-paced and evolving environment.
  • Proactive and self-motivated with the ability to think and act independently.
  • Experience in interacting with global partners and senior management across businesses and geographies.
  • Strong data management knowledge in disciplines such as data governance, data protection, data storage, and data operations a plus.
  • Excellent written and verbal communication and presentation skills.
  • At least a bachelor’s degree required and accredited certification preferred: e.g., CIPP or ISACA.
You’ve got this!