Exciting opportunity as a Compliance, Conduct, Operational Risk (CCOR) Operational Resiliency Risk Lead, where you will report to the Head of CCOR Resiliency Risk and work across the 1st and 2nd Lines of Defense to coordinate global, strategic risk oversight of the firm’s operational resiliency related risk and control environment of JP Morgan Chase. You will need to have an in depth understanding of operational risk management and control including those related to business, technology and third party resiliency domains along with working collaboratively with the resiliency risk team plus other Line of Defense partners to broadly think across all operational risks impacting the firm’s operational resiliency. You will work with other specialist areas to provide effective assessment and challenge of risk, and informed consultation.
Job Responsibilities
- Support continued expansion of the Compliance, Conduct, Operational Risk (CCOR) Resiliency Risk Program, including interconnectedness between various Operational Resiliency domains (Business, Third Party, Data, Sites, etc.)
- Assess and challenge the firm’s 1LOD Global Resiliency program.
- Identify, monitor, and test the implementation and governance of operational resiliency processes and controls inherent in the JPMorgan Chase environment.
- Build strong relationships and work collaboratively across other CCOR Lines of Business (LOBs)/Corporate Functions (CFs) business and operational risk coverage teams to ensure they have appropriate knowledge and information to assess and challenge the resiliency risks and controls affecting their coverage area.
- Monitor and analyze emerging risks and recommend appropriate risk mitigation strategies
- Assess 1LOD remediation action plans for timely completion and escalate any known weakness in the overall resilience landscape within the firm.
- Engage with key stakeholders regularly and provide consistent and comprehensive status of the resilience risk gaps and remediation activities.
- Analyze and report metrics (KRIs/KPIs) and incidents to assess risk and identify risk trends and control gap.
Required Qualifications, Capabilities, and Skills
- 7+ years or more proven experience in Operational Risk, Technology Risk, Third Party Risk, Business Continuity Management or Disaster Recovery programs.
- University degree in a business, finance, technology, law, or audit, ideally combined with further education in Operational Risk or related fields (such as Certified Internal Auditor)
- Strong background in operational resilience risks including, but not limited to, business continuity risk, technology and cyber resiliency risks, third party risk or other emerging risk domains
- Ability to challenge 1LOD in order to ensure maintenance of risk appetite and tolerance levels, driving issue management where required
- Demonstrated ability to successfully communicate complex and nuanced topics orally and in writing across multiple levels in the organization.
- Strong organizational skills, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results
- Ability to work with large, complex data sets and perform targeted risk-based data analysis
- Highly disciplined, Solution-oriented mindset, excellent communication, interpersonal and stakeholder management
- High level of professionalism, self-motivation, intellectual curiosity, and sense of urgency
- Familiarity with the financial services industry and a strong understanding of processes and associated business controls
Preferred Qualifications, Capabilities, and Skills
- Strong understanding of risk management principles and practices.
- Certified Business Continuity Professional (CBCP), Certified in Risk and Information Systems Control (CRISC), or related certifications or related is preferred
- Familiarity with resiliency related industry standards and guidelines: ISO 22301, CERT RMM, FFIEC, and ITIL with professional Certification such as MBCI, CBCP and other relevant industry certification
- Strong knowledge and experience in business resiliency design and implementation perspective in one or more of the following areas: Technology Infrastructure, Third Party, Technology & Business Continuity Plan and Disaster Recovery, Cyber resiliency, Data Corruption, Cloud Resiliency, and Data Center resiliency procedures/solutions
- Excellent MS Excel and PowerPoint proficiency