The Global Privacy Compliance Governance team is seeking a compliance professional to manage the Global Privacy Incident Management (GPIM) Program. The role will be responsible for managing the enterprise-wide Incident Management process, the incident management system of record, and providing support to LOB/CF incident response teams. The role will be located in the New York Metro Area and will report to the Global Head of Data Protection & Privacy Compliance Governance.
- Establish the strategic direction for the Privacy Incident Program utilizing a centralized support model to provide oversight and drive consistency across the organization
- Maintain the framework, including: the Potential Breaches of Information Policy, Incident Response Standard, Operating Model, System of Record and Credit Monitoring Invoice process.
- Serve as the central point of contact for Program inquiries from incident response teams, JPMC workforce and external partners.
- Lead the Global Privacy Incident Forum & participate in forums/committees to provide senior management and key stakeholders with updates on the Program and drive awareness to the Policy.
- Maintain and manage the privacy incident system of record; partner with Technology to monitor system stability, operating effectiveness, access controls, enhancements, production issues, and UAT.
- Oversee high severity incidents including; investigations, internal and external reporting, regulatory communications and global advisory support.
- Develop a privacy incident risk monitoring process to identify and oversee risks, issues, and control deficiencies impacting the Program.
- Develop and maintain strong relationships with senior leaders to discuss high severity incidents, emerging risks impacting their business, root causes of incidents and risk mitigation strategies.
- Effectively engage key corporate functions/forensic teams to provide guidance for inclusion of Incident Management Standards and communications into their respective Programs.
- Respond to requests for information from Audit, Compliance, Control Officer or Regulators that are associated with the Global Privacy Incident Management Program.
- Partner with members of the GPO to assess evolving regulatory requirements that may impact the Policy and Program; provide support for top level firm priorities.
- Evaluate and strengthen the process for defining and documenting Privacy Incidents in the System of Record to support reporting requirements.
- Bachelor’s Degree or a combination of equivalent education and experience
- Minimum 10 years of related experience; Financial Services or Regulatory experience preferred
- Experience overseeing and managing privacy incidents & leading programs
- Understanding of global privacy laws, US state breach laws, and general compliance requirements
- Certified Information Privacy Professional (CIPP) certification preferred
- Experience managing software applications and interfacing with technology teams
- Leadership experience with proven ability to gain commitment and influence change
- Excellent verbal and written communication and presentation skills
- Ability to manage multiple initiatives simultaneously in a dynamic, fast-paced environment
- Strong project management skills, with experience managing large-scale and time sensitive projects
- Highly organized, extremely detail and control orientated
- Advanced skills in Microsoft Excel, Word, PowerPoint and other reporting tools
- Effectively manage relationships, facilitates effective communication, and works with the senior team to assess needs, understand requirements and develop solutions
Application Submission Information:
Please email resume to email@example.com