Job Description:
Cybersecurity and Technology Compliance Officer
Based in our Dublin office, you will play a critical role in regulatory engagement with supervisory authorities and challenge the technology and cybersecurity function.
You will work closely with the wider Technology & Cybersecurity team responsible for designing and overseeing the 2nd Line of Defence independent risk management program for technology and cybersecurity risks.
This role offers opportunities to broaden your impact by working on legal entity, regional, and global initiatives, as well as contributing to local and firmwide community, diversity, equity, and inclusion initiatives.
Main Responsibilities:
* Perform regulatory assessments of technology compliance-related initiatives, including resiliency, outsourcing, and cloud technology related matters.
* Review regulations and impact assessments and advise on policy development.
* Keep abreast of technology and data privacy regulatory and legislative changes and provide advice to enable the business to implement applicable changes and operate in a compliant and controlled manner.
* Drive the development of regional and legal entity alignment to the CCOR framework, including IT Risk Profile, KRIs, Loss Data, Scenario Analysis.
* Support the review of significant events (including security events) over a defined economic threshold, including but not limited to, examination of event and resolution, back-testing against the firm's risk management framework results, metrics, escalations, reporting, and scenarios.
* Provide ongoing monitoring to ensure appropriate application of policies, standards, and procedures.
* Perform independent assessments of the risks and controls related to the adoption of technologies including Cloud, AI/ML, and IoT.
Requirements:
* Strong experience in cybersecurity, governance, operational risk, or technology compliance within the financial services industry or equivalent role in the technology industry.
* Knowledge of key IT laws, rules, and regulations for the UK and European Union, such as DORA, EU AI Act, MiCA, NIS, PRA SS1/21.
* Understanding of Information Security and Risk Management standards and frameworks, such as NIST, ISO, and modern development practices and supporting toolsets.
* Able to understand complex technical systems and the business processes they support, synthesizing the corresponding risks and controls and recommending adjustments if required.
* Strong organizational, project management, multi-tasking, and stakeholder management skills, with demonstrated ability to manage expectations and deliver results with a high level of professionalism, self-motivation, and integrity.
About Us:
J.P. Morgan is a global leader in financial services, providing strategic advice and products to prominent corporations, governments, wealthy individuals, and institutional investors.
We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success.
We value diversity and inclusion at our company and are an equal opportunity employer.