Job Description
This is a great opportunity to join the EMEA CCOR team and work with leaders and team members and be provided the opportunity to broaden your own platform through your engagement on legal entity, regional and global initiatives. As a Horizontal Operational Risk Vice President within the Technology & Cybersecurity Operational Risk (“Tech & Cyber ORM”) team you will become pivotal to a team that is responsible for the design and oversight of the 2nd Line of Defense - independent risk management program for technology and cybersecurity risks, leveraging the Operational Risk Framework, regulatory guidance and laws, rules, and regulations. As an operational risk manager you will be responsible for the successful implementation and execution of the CCOR Tech & Cyber framework for EMEA Legal Entities and providing 2nd Line of Defense challenge and oversight to business, technology and cybersecurity partners. You will be supported by an experienced team affording you the opportunity to add value by playing a critical role in key initiatives, oversight of programs and regulatory dialogue. The position reports to the Technology & Cyber CCOR EMEA Lead for Outsourcing & Firmwide Business Resiliency Risk and represents an excellent opportunity for a proactive Vice President to oversee EMEA horizontal risk related to outsourcing and resilience. Job responsibilities: Drive the development of the operational risk management practice for Outsourcing and Resiliency risk LoBs / CFs within EMEA in a fast-paced business environment across Business and Technology. Partner with the local and global teams across Compliance, Conduct and Operational Risk (CCOR) organization and Line of Business / Corporate Function teams to evaluate Outsourcing and Resiliency risk. Work closely with the 1st Line of Defence governance teams and business stakeholders to evaluate risks and controls associated with Outsourcing and Resiliency, with close collaboration with regional and firmwide CCOR teams. Review and provide challenge of 1st Line of Defence assessments of Outsourcing and Resiliency risks prior to their presentation at Legal Entity board level. Challenge & Oversight – provide challenge and oversight of Outsourcing and Business Resiliency risk, working with the 1st line teams, executing monitoring and testing activities and completing second line risk assessments. Review of Key Risk and Metrics – review and challenge of risks, metrics and analytics as part of on-going oversight. Key Risk and Performance Indicators & Analytics - Governance of Key Performance Indicators including analysis of trends, outliers and underlying drivers; also includes support for the quarterly firm-wide Qualitative Operational Risk Appetite process. Continuous Monitoring & Testing – perform oversight of operational risks through participation in governance forums, major change management programs, point-in-time issue escalation, industry and regulatory meetings, internal strategic programs and review of internal operational risk events. Significant Event Reviews – review significant events over a defined economic threshold, including but not limited to, examination of event and resolution, metrics, escalations, reporting, and comparison against independent assessment results. Stay abreast of Industry news and regulatory developments to facilitate a proactive approach to risk identification and mitigation. Review root cause analysis on internal Tech operational risk events and those that occur externally in the industry. Required qualifications, skills, and capabilities: Adept at developing relationships, across JPMC Lines of Defence, with strong stakeholder management skills and the confidence, and character, to take ideas forward and to challenge others, where appropriate Ability to understand technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required. Experience in technology and operational risk oversight within the financial services industry highly desired; as is evidence of relevant transferable skills from other sectors. Understanding of technology risk management and control principles with a proven ability to anticipate and identify risks and effective mitigating actions. Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results with a high level of professionalism, self-motivation, and integrity Preferred qualifications, capabilities, and skills: Professional certifications such as CISSP, CCSP, CISA, CISM, CRISC are beneficial but not mandated #J-18808-Ljbffr