Risk and Compliance Manager for Cebu Captive Operations

(November 2009) – (090047137)

RESPONSIBILITIES:

JPMorgan Chase & Co. – Cebu Captive Operations
JPMorgan Chase & Co. (NYSE: JPM) is excited to announce our latest expansion in the Philippines and we a number of exciting opportunities to be a part of our newest captive location in Cebu.  Working directly for JPMorgan chase & Co., you will be part of one of the leading financial services firms in the world and as part of Chase Card Services operations in Cebu, you will have the opportunity to play a key  role in building yet another critical part of our franchise.

About JPMorgan Chase &Co.
JPMorgan Chase and Co. has assets of approximately $2.2 trillion and operations in more than 60 countries. The firm is a leader in investment banking, financial services for consumers, small businesses and commercial banking, financial transaction processing, asset management and private equity. The headquarters for JPMorgan Chase is located in New York. J.P. Morgan Chase & Co. has six lines of business:

·       Asset Management
·       Card Services
·       Commercial Banking
·       Investment Bank
·       Retail Financial Services
·       Treasury & Securities Services

JPMorgan Chase and Co. holds leading positions in most major categories it competes in across its peer group. JPMorgan Chase and Co.  reported full-year 2008 earnings of $5.6 billion on revenue of $67.3 billion.  The firm intends to navigate through the intense credit and capital markets turbulence, protect the company and capitalize on any opportunities that present themselves.  The firm has a history of showing leadership during times of financial crisis and will continue to build on that legacy.  .

Culture:
JPMorgan Chase and Co. is committed to building vibrant communities, preserving the environment and promoting an inclusive culture that benefits its shareholders, customers, employees, neighbors and future generations.  The firm does this in multiple ways, ranging from charitable giving and diversity initiatives to the promotion of economic opportunity and development.  The organization strives to be fair and ethical in business practices and have a strong set of principles that guides our actions and informs decisions.  The firm is helping to protect the environment and deepening community involvement.

About Chase Card Services:
Chase Card Services is a key contributor to the JPMorgan Chase and Co. product platform, playing an integral role in the firm’s powerful banking franchise.  Today’s card industry is complex, and Chase Card Services has about 168 million cards in circulation and more than $190 billion in managed loans.  Chase Card Services is the largest general-purpose credit card issuer in the United States. Customers used Chase cards to meet more than $368 billion worth of their spending needs in 2008.
With hundreds of partnerships, Chase has a market leadership position in building loyalty programs with many of the world’s most respected brands.  Partners include AARP, BP, Amazon, Continental Airlines, Marriott, Sears Canada, Southwest Airlines, Sony, United Airlines, The Walt Disney Company and many other well known brands and organizations.

The Role

Scope
The Risk Manager’s scope extends to all risk domains – information risk, operational risk, resiliency, compliance risk, reputation risk, financial risk, tax risk, regulatory risk, migration risk and any other risk definitions that are relevant to JMPC for both the India and Philippines Cardmember Services.

Incident and Event Response (CSIRT) programs for Chase Card Services Technology
Drive strategy and implementation for CSIRT programs, coordinate with internal audit, compliance, fraud, corporate CSIRT team, and executive management
Coordination of all Incident Events for Chase Card Services
Drive events to conclusion with Senior Managers across the organization
Work with the vulnerability management group, develop and maintain an information security intelligence capability, including an “early warning system” for potential attacks and reporting for all Critical Vulnerabilities
Conduct post-mortem reviews of all security-related incidents, working in conjunction with production Assurance and other groups. Develop improvement plans as a result of each incident
Develop and maintain a capability to consistently and effectively respond to security-related incidents Chase Card Wide
Maintain relationships with internal groups, including FP&I and Physical Security; as well as external agencies (e.g., DHS, FS/ISAC) to enhance response capability
Participation in the creation and revision of IT Risk Management Policies and Standards
Participate on specific initiatives related to the overall PII (Personally Identifiable Information) program
Drive the overall Information Security goals and program for the Card organization

OSP Reviews
Perform technical risk reviews of third parties/vendor
Schedule reviews and site visits with third party operations on a timely basis
Carry out the review process and on-site reviews
Report findings to Card services stakeholders within after completion of the visit
Facilitate with the development of an Action Plan for the remediation of identified findings between OSP/Partner and LoB relationship manager
Monitor and verify adherence to Action Plan for the successful remediation of findings
Present reports to the Directors of Security for the LOB and to senior management
Facilitate cross-enterprise information risk management, issue resolution and cross discipline issue resolution
Develop third party risk management guidelines for Card Services
Educate Vendor and Partner Relationship Management on Third Party Review Process
Provide consulting and operational support to cross functional security activities and project teams
Manage multiple projects simultaneously with minimal supervision
Advise management on specific technologies that enable secure business growth and develop our relationships with partners and vendors

Compliance/Information Security
Ensure that compliance issues/concerns within the organization are being appropriately identified and investigated by conducting periodic compliance monitoring reviews and testing in Mumbai and Manila
Follow-up and monitor closure of open issues arising from these reviews, working closely with Operations and other functions within the organization
Provide recommendations and general guidance to various functions on how to avoid or deal with similar situations in the future
Design and implement Compliance scorecard for each LOB / function for Mumbai and Manila Card operations
Collaborate with other departments (e.g., Internal Audit, Performance Improvement, GPS, GS&I etc.) to direct compliance issues to appropriate existing channels / functions for investigation and resolution
Complete Risk and Control Matrices as required at least once annually
Ensure Mandatory Training is completed, tracking and escalating as needed
Perform Sensitive Data Reviews
Coordinate and complete the Phoenix Control Self Assessment exercise for Global Solutions processes twice a year
Ensure regular information security audits are performed
Participate as required as a Business Security Liaison
Collaborate with Information Security Stakeholders to leverage best practices, processes and techniques to ensure adherence to Security standards based on Card and uniqueness as required by location

Resiliency
Maintain Card’s resiliency strategy and initiatives as well as the strategies for each LoB and corporate functions operating in JMPC
Regular reviews of Card’s resiliency strategy with the global and India as needed. Identify opportunities and execute corrective measures to close them
Maintain the displacement seat allocations for LoBs and corporate functions
Proactively design and maintain contingency plans for potential incidents and crisis
Tabletop review of all contingency plans on a regular basis
Participate as par of the Crisis Management Team’s and the Site Incident Management Team’s operations

Risk Governance Forums
Complete deliverables as required by the JMPC’s and JPMSI and those in the Philippines, risk governance forums like the LOC
Ensure that all inputs for a meaningful discussion at the risk governance forums are compiled in an effective manner and disseminated to the relevant personnel for tangible outcome
Provide meaningful inputs for effective discussions as requested with the global risk governance forums
Channel information between the Card and JMPC

Identifying opportunities and executing closure
Proactively identify opportunities for de-risking Card operations in the business and corporate functions defining potential scenarios and solutions and recommend the most effective solution in discussion with the stakeholders and JPMSI as required
Review controls and risks to identify the failure modes, their probabilities, criticality, severity and relevant risk mitigation measures for  Card functions and initiatives
Continuously identify and benchmark risk mitigation programs and initiatives across LoBs and corporate functions in Card and outside.
Identify and share best-in-class solutions and initiatives with all LoBs and corporate functions in Card and help facilitate their implementation.

Reporting

Concurrently track and report on the progress of various risk mitigation and compliance projects
Escalate potential failure in delivery of programs to appropriate stakeholders and resolution owners in advance of the target date being compromised and resolve bottlenecks compromising the programs
Define and deliver a monthly balanced risk scorecard for Card
Demonstrate tangible improvement in Cards’s risk profile in India and Philippines as well as for each LoB and corporate functions in partnership with the Card Leadership and domestic oversight stakeholders
Prompt dissemination of information to all stakeholders

REQUIREMENTS:

Key Skills and Experience required for this job – mandatory

7-10 years’ experience in the risk management space

Hands-on experience in operational, information and compliance risk management
Pragmatic result-oriented approach
Must be a good communicator at all times – written and spoken
Ability to work under pressure and execute on multiple projects simultaneously
Ability to understand complex legal, regulatory and tax framework
Ability to effectively interface with all levels of the organization in India and outside
Ability to work in cross-functional teams
Project planning
Forward thinking
Analytical skills
Negotiation skills and building consensus

Additional skills and experience required for this job – preferred but not mandatory
Experience in leading the risk management team in a LoB / corporate function or at a risk consulting firm
Risk discipline qualifications i.e. CISA etc

Company Name :
JPMorgan Chase & Co.
Industry :
Call Center / IT-Enabled Services / BPO
Type of Company :
Private Limited Company, Foreign Based Company
Location :
7/F Net Quad Bldg., 4th Ave. Corner 30th St., Fort Bonifacio, Global City Taguig City