Senior Business Analyst - Ops Risk & Control

Senior Business Analyst - Ops Risk & Control

Job Description:

The Technology Operational Risk Group Manager is accountable for management of complex, critical, and large professional disciplinary areas. Leads and directs a team of professionals. Requires a comprehensive understanding of multiple areas within a function and how they interact to achieve the objectives of the function. Applies in-depth understanding of the business impact of technical contributions. Strong commercial awareness is a necessity. Generally accountable for delivery of a full range of services to one or more businesses or geographic regions. Excellent communication skills are required to negotiate internally, often at a senior level. Some external communication may be necessary. Accountable for the end results of an area. Exercises control over resources, policy formulation, and planning. Primarily affects a sub-function. Involved in short- to medium-term planning of actions and resources for own area. Full management responsibility of a team or multiple teams, including management of people, budget, and planning, to include performance evaluation, compensation, hiring, disciplinary actions, terminations, and budget approval.

Responsibilities:

1. Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
2. Independently assesses risks and drives actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
3. Governance and oversight may include (not limited to) technology operational risk, cyber risk for example.
4. Serves as an oversight function working with the In-Business OR and Independent Risk Teams.
5. Drives Operation Risk Anticipation, Mitigation, and Loss Recovery (and respective Recovery Plans).
6. Ensures Operation Risk Policy implementation and exception approvals.
7. Informs Operational Risk Council on Sub-Segment Level OR related matters.
8. Attends In Business Risk Committees.
9. Leads and oversees the annual Key Risk Indicator (KRI) reviews.
10. Monitors KRCIs triggers and thresholds and the analysis by the Business.
11. Liaises with Business ORM on breaches and action steps to correct breaches.
12. Communicates and escalates breaches in KRCIs at the Segment Level.
13. Works on T-10 (deep dive root cause analysis) with support of In-Business ORM and drives corrective actions.
14. Exports best practices and common risk, controls, and corrective actions through Framework Papers.
15. Ensures that wide KORs and KRCIs are communicated and understood by Businesses.
16. Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding company and its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervising the activity of others and creating accountability with those who fail to maintain these standards.

Qualifications:

1. 10+ years significant relevant experience working in an Operational Risk, Technology Risk, IT Audit, Operational Control, Information Security or related field (financial services industry experience preferred).
2. Established understanding of software design, application development, distributed systems, SDLC, and/or technology operations (hands-on experience preferred).
3. Project management experience demonstrating strong analytical skills exhibiting ability to solve complex problems in new and varied environments, processes, and technologies helpful.
4. Compliance experience helpful.
5. Understanding of financial regulation, operational management, vendor management and RCSA or related control processes across a global environment helpful.
6. Demonstrable ability to analyze and monitor risk control issues through to resolution.
7. Excellent written and verbal communication skills.
8. Exhibit strong influencing/negotiating skills with attention to detail.

Education:

Bachelors/University degree, Masters degree preferred.