EMEA Data Risk Management - Vice President

You are a strategic thinker with strong analytical and influencing skills. Also, you are proactive and self-motivated with the ability to think and act independently. You have found the right team.

As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class.

The Compliance, Conduct and Operational Risk (CCOR) Global Data Risk Management (GDRM) team is responsible for independently, holistically, and proactively identifying, assessing, and managing compliance and operational risks related to Privacy and data risk in our businesses as a second line of defense. The Compliance Risk team within GDRM is responsible for providing advisory support and helping the LOBs and CFs in managing the Compliance Risks associated with Data Risk regulations, which includes the Data Privacy and Protection regulations, across EMEA where JPMC has a business presence. The EMEA Privacy and Data Risk Compliance role is responsible for the management, analysis, support and oversight of compliance with GDPR and related Privacy laws and regulations across the EMEA region.

Job responsibilities

You have knowledge of Data Management, Data Privacy and Protection regulations, understanding of financial services and products, along with an ability to build strong relationships. In this Privacy Compliance Risk position, you will have the following responsibilities overseeing Compliance risks across the firm:

• Provide Compliance advice to the line of business in matters relating to Data Storage, Data Privacy and Protection
• Advice on Data Storage requirements, including localization, classification, de-identification, and data safeguarding aspects
• Liaise with different line of business partners in 1st and 2nd line on Privacy risk and control initiatives (e.g., Risk Identification, Compliance Risk Assessment)
• Lead training, communication, and awareness efforts for Data Risk aspects including Privacy and Protection
• Attend and provide oversight to key Governance forums such as the Data Storage and Localization Forums to guide on Data Storage, Privacy and Data Protection requirements
• Act as point of expertise for Compliance Risk, advising business partners and other functional groups on emerging and key risk trends, risk events and issues
• Develop, maintain, and review Compliance Policies, Standards and Procedures, that support Data Storage, Privacy and Protection regulations

Required qualifications, capabilities, and skills

• Strong experience with privacy compliance and risk management is required; knowledge of cybersecurity and technology controls (protection and implementation) a plus
• Familiarity with international regulations in Data Storage, Data Privacy and Protection to facilitate firmwide discussions, solutions for developing common processes in fulfilling those requirements
• Ability to understand Data Storage and Privacy requirements, impacts and assessments of privacy risks and their drivers, and to form, articulate and explain views
• Ability to provide thought leadership and direct line of business in solving for complex and competing Data Storage, Privacy and Protection requirements
• Strong organizational and multi-tasking skills with demonstrated ability to manage expectations, drive change and deliver results in a fast-paced and evolving environment
• Experience in interacting with global partners and senior management across businesses and geographies
• Proven ability to collaborate and build strong partnerships
• Strong data management knowledge in disciplines such as data governance, data protection, data storage, and data operations a plus
• Excellent written and verbal communication and presentation skills
• High degree of initiative, self-direction, and ability to work well under pressure
• Experience in European Privacy law and Regulation
• International Association of Privacy Professionals qualifications and training Programmes are an advantage
• Accredited certification preferred: e.g., CIPP/E, CIPM and/or ISACA