Technology Compliance Manager - VP (m/f/d) - Frankfurt

Jobinhalt

CCOR Tech & Cyber is seeking a talented candidate for an Vice President position in the Compliance team of the European J.P. Morgan AG ("JPMAG") legal entity. The position holder is responsible for the successful implementation and execution of the CCOR Tech & Cyber framework within JPMAG and its branches and provides 2nd Line of Defense challenge and oversight to the technology and cybersecurity partners. It also plays a critical role ensuring regulatory compliance and regulatory dialogue.

The Position Represents An Excellent Opportunity For Candidates To

• Drive the development of the Technology Compliance practice in a fast-paced and growing business environment
• Develop knowledge in technology and cybersecurity and relevant regulation as well as industry standards
• Understand third party risks as applied to technology
• Partner with the local and global teams across Technology, Cyber Security and the Compliance, Conduct and Operational Risk (CCOR) organization
  

Technology Compliance Manager - J.P. Morgan AG (JPMAG)

The role covers Technology Compliance

• Provide regulatory advice for technology compliance related matters to support all areas of the legal entity including outsourcing and cloud technology related matters
• Review regulations and related regulatory mapping analyses, and work with divisional partners to advise the relevant owners on the development of policies and procedures within the legal entity and across other group legal entities as necessary
• Partner with Regional and Global Compliance function for to check for consistency and leverage best practices and strong collaboration Tech & Cyber ORM
• Keep abreast of technology and data privacy regulatory and legislative changes and provide advice to enable the business to implement applicable changes and operate in a compliant and controlled manner
  

Key Responsibilities Include

• Drive the development of the regional and legal entity alignment to CCOR framework , including IT Risk Profile, KRIs, Loss Data, CORE and Scenario Analysis, as well as, liaise with EU regulators in respect of Compliance with IT Risk regulation, as needed
• Significant Event Reviews - Support review significant events (including security events) over a defined economic threshold, including but not limited to, examination of event and resolution, back-testing against the firm’s risk management framework results, metrics, escalations, reporting, and scenarios
• Continuous Testing & Monitoring - Perform ongoing monitoring ensuring appropriate JPMAG policies, standards and procedures are in place
• Ensure Information Security Governance processes in compliance with EU regulation exist and provide updates as required to management
• Emerging Risk Assessment - Participate in assessment of emerging risks as part of strategic business risk reviews, analysis of regulatory and market developments, New Business Initiative Approvals and review of external risk events
• Advise on root cause analysis for internal events and those that occur externally in the industry
  

Qualifications

• 5+ years’ experience in technology/ technology development and operational risk or compliance oversight experience within the financial services industry highly desired
• EU and German Technology regulations knowledge is a must (e.g. MaRisk, Bait, EBA Guidelines)
• Knowledge and experience with Information Security and Risk Management standards and frameworks such as NIST, MITRE ATT&CK, FAIR and ISO 27001/27002 and modern development practices and supporting toolsets (e.g. Agile, DevOps, Git)
• Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required
• Understanding of technology risk management and control principles with a proven ability to anticipate and identify risks and effective mitigating actions
• Adept at developing relationships with strong stakeholder management skills with the confidence to take ideas forward and to challenge others, where appropriate
• Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results with a high level of professionalism, self-motivation, and integrity
• Bachelor’s Degree in Computer Science, Computer Engineering, Engineering, Information Security or related field; post-graduate degree a plus
• Fluency in German and English is essential
• Professional certifications such as CISSP, CCSP, CISA, CISM, CRISC are beneficial
  

What We Offer

• Supportive environment to combine work and family requirements: flexible work arrangements, plus special support for working parents in emergency situations with free emergency childcare services and our very own parent-child office
• Financial stability: competitive salaries, pension provisions via the BVV and our very own pension plan as well as an accident insurance
• Personal wellbeing: a range of offers available - from on-site medical checks and vaccinations to educational sessions and a subsidised in-house canteen, plus the option to increase your vacation entitlement to more than the standard 30 days pa
• Create a workspace where you can be yourself: you can get involved in our local philanthropic agenda, join employee networking groups and the JPM Club for social activities
• Build your career: benefit from our bespoke mentoring programme and a broad range of learning and development offerings

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.