Bring your expertise to JPMorgan. As part of Compliance, Conduct and Operational Risk (CCOR), you are at the center of keeping J.P. Morgan Chase strong and resilient. You help the firm manage its data in a responsible way by anticipating new and emerging risks and using your expert judgment to solve real-world challenges that impact our company and customers. Our culture in Compliance, Conduct and Operational Risk is all about thinking outside of the box, challenging the status quo, and striving to be best in class.

As a Privacy Compliance Risk Vice President with the Global Data Risk Management & Privacy group, you will be part of an innovative and talented team providing privacy expertise, oversight, and credible challenge. This position requires knowledge of a variety of domestic and international privacy laws and experience with privacy policies, risk assessments, and breach notification investigations and reporting. You will be a member of the the firm’s Global Privacy Office and will develop and maintain privacy-related policies, guidance, training, and oversight activities for the firm; provide subject matter expertise on privacy risk identification and controls; and provide oversight and challenge to the firm’s privacy incident response process. 

Job responsibilities

• Develop review, and maintain policies, standards, and guidance that establish minimum requirements for complying with key privacy laws, rules, regulations, and industry standards.
• Remain current with the evolving privacy and data protection regulatory landscape.
• Work directly with senior leaders in CCOR and the first line of defense to provide credible challenge to assessments of the privacy risk and control environment, including issue identification and remediation and control effectiveness.
• Advise on privacy-related monitoring & testing activities, including working with technology teams to develop and/or expand automation of monitoring activities.
• Escalate emerging risks and issues and prepare and present relevant reports for senior leaders.
• Support regulatory engagements related to privacy, including responding to queries, regular meetings, and exams, focus reviews, or on-site inspections, through drafting responses or creating presentation materials.

Required qualifications, capabilities, and skills

• Minimum 5 years of work experience with global privacy laws, rules, regulations and/or industry standards, including the Gramm Leach Bliley Act, the General Data Protection Regulation, the LG PD, and the CCPA
• Experience drafting firmwide privacy compliance policies, standards, training, and privacy risk assessments, such as Privacy Impact Assessments, or Data Protection Impact Assessments
• Experience in data privacy incident and breach investigation, reporting, and notification
• Experience working at a multinational company and with multiple stakeholders
• Highly motivated, energetic self-starter who takes ownership and manages deliverables with a strong attention to detail and completes deliverables in a timely manner
• Collaborates effectively with colleagues at all levels of seniority, across all lines of business and corporate functions and senior stakeholders across the organization
• Ability to quickly understand and assess complex situations or processes, makes decisions and escalates when necessary
• Strong analytical skill set, practical judgment, and influencing abilities
• Strong verbal and written communication skills; ability to clearly and succinctly demonstrate a sound understanding of the most relevant issues, risks, and concerns (including written communications) and provide an independent assessment

Preferred qualifications, capabilities, and skills

• Minimum 5 years of work experience in the financial services industry or another highly regulated industry
• Work experience in Compliance, Risk, or Legal
• A current Certified Information Privacy Professional certification