Ccor Technology

**JOB DESCRIPTION**
JPMorgan Chase is a leading global financial services firm with assets of $2.5 trillion and operations in more than 60 countries. The firm is a leader in investment banking, commercial banking, financial services for small business and consumers, financial transaction processing, asset management and private equity.

CCOR Technology & Cybersecurity (CCOR T&C) is a group within the Compliance, Conduct and Operational Risk (CCOR) organization and has areas of alignment across all Lines of business (LOBs), Regions and Corporate Functions (CFs), responsible for the independent oversight of first line operational risk management practices and compliance with technology and cybersecurity laws, rules, and regulations. Additionally, CCOR Technology & Cybersecurity provides Firmwide end-to-end independent second line coverage of Technology and Cybersecurity Compliance, Resiliency and Crisis Management, Insider Threat, and Global Supplier Services.

We are looking for a multi-disciplined forward-looking technologist with a diverse background and experience in areas such as cloud, AI/ML, distributed ledge technology, data management, internet of things, collaboration tools, compliance and oversight. Activities include: execution of risk assessments and perform analysis of technology and process controls, evaluation of obligations of applicable Laws, Rules & Regulations and/or requirements to both existing technology and emerging technology (e.g., distributed ledger, machine learning, quantum computing etc.), engage with the regulatory change management program, as well as working with LAC Compliance, Technology and Product functions to appropriately account for technology risks in their control frameworks. Written and verbal communication of results will be provided by the Technology Compliance Risk Officer to management, executive directors, managing directors and stakeholders.

**Key responsibilities include**:

- Act as the primary liaison to the corresponding Line of Business (LOB) or Corporate Function in Latam & Canada countries, representing the Technology & Cyber Operational Risk Officer (ORO) to the business, the Line of business (LOB) ORO, and the corresponding Technology organizations.
- Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.
- Keep abreast of current technology trends, vulnerabilities, and emerging technologies.
- Engage with technology teams to gain full understanding of technology and risk and control environment.
- Challenge first line technology teams as required.
- Understand third party and resiliency risks as related to specific technology area of expertise.
- Perform Risk Assessments of the corresponding inherent risks and mitigating controls, work with appropriate technology areas to identify potentially elevated risk concentrations globally, and recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices.
- Develop and perform ongoing analysis of significant events and operational risk loss, near miss and external events to inform results, technology assessments and scenario analysis. Additionally, investigate operational risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.
- Represent CCOR T&C in Regulatory exams, key portfolio governance forums, share key learnings with the larger Tech ORM team and identify areas for escalation or further action.
- Identify compliance relevant risk against local regulations, firmwide and regional policies & standards through independent assessment and challenge.
- Manage compliance relevant risk through developing and/or executing monitoring and testing activities, creating issues, and supporting compliance training activities.
- Provide clear communication, escalation of activities/risks identified through the execution of risk assessments and delivering advisory guidance to all relevant stakeholders.
- Establish and maintain strong relationships and ongoing dialogue with key LAC Technology leaders, ISM, Tech Operational Risk Manager (ORM), and other CCOR personnel.

**Qualifications**:

- BS/BA degree in computer science or equivalent experience, MS degree preferred.
- 15 years or more proven experience in technology & cybersecurity development and oversight, with financial services experience highly desired.
- Experience in Technology, Data Management, Privacy and Cybersecurity regulations within Latin America and Canada.
- Broad and deep knowledge of current and emerging technologies (e.g. cloud, blockchain, machine learning) is required.
- Preferred certifications: CRISC, CISSP, CISA, CISM.
- Experienced in interactions with regulators, understanding of banking and securities rules and regulations for LAC (e.g., LGPD, CVM, BACEN, BCRA, IIROC, BANXICO, CNBV, BCRA, OCC, FFIEC guidelines) and of regulatory expectations for a culture of compli