In the position of Compliance, Conduct and Operational Risk ("CCOR"), you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture is all about thinking outside the box, challenging the status quo and striving to be best-in-class.
As a Technology Compliance Officer within our Technology & Cyber CCOR team, you will be instrumental in shaping and developing the Technology Compliance programme. Your extensive knowledge and experience in European and global technology and cybersecurity laws, rules, and regulations will be crucial in this role. Stationed in our London office, you will critically assess the technology and cybersecurity function and play a pivotal role in regulatory engagement with supervisory authorities. Collaborating closely with the wider Technology & Cybersecurity CCOR team, you will contribute to the design and oversight of the 2nd Line of Defence independent risk management program for technology and cybersecurity risks. Your role will also extend to working on legal entity, regional and global initiatives, and participating in local and firmwide community, diversity, equity, and inclusion initiatives.
Job responsibilities
- Performs regulatory assessments of technology compliance related matters, including resiliency, outsourcing and cloud technology related matters
- Reviews regulations and impact assessments, and work with divisional partners to advise the relevant owners on the development of policies and procedures within the legal entity and across other group legal entities as necessary
- Keeps abreast of technology and data privacy regulatory and legislative changes and provide advice to enable the business to implement applicable changes and operate in a compliant and controlled manner
- Drives the development of the regional and legal entity alignment to CCOR framework, including IT Risk Profile, KRIs, Loss Data, Scenario Analysis
- Supports the review of significant events (including security events) over a defined economic threshold, including but not limited to, examination of event and resolution, back-testing against the firm’s risk management framework results, metrics, escalations, reporting, and scenarios
- Provides independent assessments of the risks and controls related to the adoption of technologies including Cloud, RPA and AI/ML
- Participates in the assessment of emerging risks as part of strategic business risk reviews, analysis of regulatory and market developments, New Business Initiative Approvals and review of external risk events