The Global Privacy Office (GPO) is a Corporate Compliance function that is responsible for the development and administration of an enterprise-wide Global Privacy Program that includes privacy incident management. The GPO establishes minimum privacy requirements, provides compliance guidance to lines of business (LOBs) and corporate functions (CFs), monitors the regulatory landscape, and provides management with transparency into the organization’s privacy risks and issues.
The Global Privacy Compliance Governance team is seeking a compliance professional to manage the Global Privacy Incident Management (GPIM) Program. The role will be responsible for managing the enterprise-wide Incident Management process, the incident management system of record, and providing support to LOB/CF incident response teams. The role will be located in the New York Metro Area and will report to the Global Head of Data Protection & Privacy Compliance Governance.
• Establish the strategic direction for the Privacy Incident Program utilizing a centralized support model to provide oversight and drive consistency across the organization
• Maintain the framework, including: the Potential Breaches of Information Policy, Incident Response Standard, Operating Model, System of Record and Credit Monitoring Invoice process.
• Serve as the central point of contact for Program inquiries from incident response teams, JPMC workforce and external partners.
• Lead the Global Privacy Incident Forum & participate in forums/committees to provide senior management and key stakeholders with updates on the Program and drive awareness to the Policy.
• Maintain and manage the privacy incident system of record; partner with Technology to monitor system stability, operating effectiveness, access controls, enhancements, production issues, and UAT.
• Oversee high severity incidents including; investigations, internal and external reporting, regulatory communications and global advisory support.
• Develop a privacy incident risk monitoring process to identify and oversee risks, issues, and control deficiencies impacting the Program.
• Develop and maintain strong relationships with senior leaders to discuss high severity incidents, emerging risks impacting their business, root causes of incidents and risk mitigation strategies.
• Effectively engage key corporate functions/forensic teams to provide guidance for inclusion of Incident Management Standards and communications into their respective Programs.
• Respond to requests for information from Audit, Compliance, Control Officer or Regulators that are associated with the Global Privacy Incident Management Program.
• Partner with members of the GPO to assess evolving regulatory requirements that may impact the Policy and Program; provide support for top level firm priorities.
• Evaluate and strengthen the process for defining and documenting Privacy Incidents in the System of Record to support reporting requirements.
· Bachelor’s Degree or a combination of equivalent education and experience
· Minimum 10 years of related experience; Financial Services or Regulatory experience preferred
· Experience overseeing and managing privacy incidents & leading programs
· Understanding of global privacy laws, US state breach laws, and general compliance requirements
· Certified Information Privacy Professional (CIPP) certification preferred
· Experience managing software applications and interfacing with technology teams
· Leadership experience with proven ability to gain commitment and influence change
· Excellent verbal and written communication and presentation skills
· Ability to manage multiple initiatives simultaneously in a dynamic, fast-paced environment
· Strong project management skills, with experience managing large-scale and time sensitive projects
· Highly organized, extremely detail and control orientated
· Advanced skills in Microsoft Excel, Word, PowerPoint and other reporting tools
· Effectively manage relationships, facilitates effective communication, and works with the senior team to assess needs, understand requirements and develop solutions
Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.
Sign in to our application system to continue your job search.
Current employees sign in here.
You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.
During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.