girl looking into her desktop
Back to search results

Compliance / Operational Risk Manager

Charlotte, North Carolina;

Job Description:

The Compliance and Operational Risk (C&OR) Manager is responsible for engaging in activities to provide independent compliance and operational risk oversight of Front Line Unit or Control Function (“FLU/CF”) performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively “the Policies”) and the Compliance and Operational Risk Management (“CORM”) Program and Standard Operating Procedures (SOPs). As a member of an FLU or CF C&OR officer team, the C&OR Manager is accountable for proactive identification, management and escalation of compliance and operational risks through the execution of some or all of the below identified activities. This role exercises judgment and influence, and may constructively challenge FLU and CF leaders to support the CORM Program objectives, balancing business strategy with appropriate controls.

The C&OR Manager proactively engages with other C&OR officers, including horizontal coverage owners and Enterprise Areas of Coverage (“EAC”), to provide comprehensive oversight of FLU/CF activities. This role develops and maintains a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The C&OR Manager prepares materials for C&OR regulatory exams/audits/inquiries and may provide consultation to business leaders in preparation for FLU/CF regulatory exams/audits/inquiries.

The C&OR Manager plans, drives and reviews team deliverables to support consistent quality of activities, processes and outputs. This role may contribute as a manager responsible for providing leadership direction to attract, assess, develop, motivate and retain a team, or may act as an individual contributor.

The C&OR Manager contributes to the requirements of the CORM Program requirements including, but not limited to the following activities:

• Produces and/or oversees the development of independent risk management reporting for respective area(s) of coverage as input governance and management routines
• Provides subject matter expertise to assist the FLU/CF in establishing an annual learning plan, may be accountable for developing and delivering training content
• Develops and maintains C&OR-owned policies and standards and/or provides oversight of FLU/CF-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of independent risk monitoring, testing and risk assessments, communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Required Skills: Minimum Years of Business & Functional Experience: 7 Years
Degree Required: Bachelor’s Degree; May require regulatory examination/registration or certification depending on jurisdiction and role

Specific LOB/segment/coverage area of this role: Core Technology Infrastructure (CTI) - Patching.


The Compliance and Ops Risk Manager is responsible for engaging in activities to contribute to the independent risk oversight of Core Technology Infrastructure (CTI) performance and any related third party/vendor relationships in alignment with the Risk Management Program.

As a member of a GTO Compliance and Operational Risk team, the Compliance and Ops Risk manager demonstrates and applies technology expertise in conjunction with risk acumen to promote a culture of compliance and the identification, escalation and timely mitigation of compliance and operational risks.

This role exercises judgment and influence, and may constructively challenge CTI leaders to support the Global Risk program objectives, balancing business strategy with appropriate controls.

Role activities:
• Assist the Compliance Executive in maintaining and communicating regulatory changes, advising and directing business leaders to ensure that regulatory requirements are addressed in their respective process and controls so that their day to day activities operate in a compliant manner.
• Engage other compliance officers and horizontal function roles to provide oversight of CTI activities.
• Conduct risk assessments of CTI (annual and targeted).
• Contribute to monitoring and testing coverage plans and related metrics for CTI.
• Monitor and test the effectiveness of CTIs control environment.
• Identify aggregate, report and escalate risks, issues and control enhancements.
• Assist business leaders in preparations for regulatory exams and audits for CTI.

This role will require partnering with CTI and across GTO to review processes that adhere to the bank security standards and other regulatory mandates.  A familiarity with Global Information Security baselines for patching GTO infrastructure.

Required and desired qualifications:

• 5+ years in Technology infrastructure
• Understanding of IT or Operations principles and controls
• Release Analysis
• Working knowledge of enterprise architecture
• Exposure to Information Security and Vulnerability Patching
• Effective communication with partners
• Analysis, problem solving, and business relationships skills
• Self-motivated, operates with a sense of urgency and strong attention to detail
• Advanced knowledge in the use of data analytic tools (Excel, Access, Tableau etc.)

• Financial Services or similarly regulated sector

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Compliance and Operational Risk (C&OR) Manager is responsible for engaging in activities to provide independent compliance and operational risk oversight of Front Line Unit or Control Function (“FLU/CF”) performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively “the Policies”) and the Compliance and Operational Risk Management (“CORM”) Program and Standard Operating Procedures (SOPs). As a member of an FLU or CF C&OR officer team, the C&OR Manager is accountable for proactive identification, management and escalation of compliance and operational risks through the execution of some or all of the below identified activities. This role exercises judgment and influence, and may constructively challenge FLU and CF leaders to support the CORM Program objectives, balancing business strategy with appropriate controls.

The C&OR Manager proactively engages with other C&OR officers, including horizontal coverage owners and Enterprise Areas of Coverage (“EAC”), to provide comprehensive oversight of FLU/CF activities. This role develops and maintains a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The C&OR Manager prepares materials for C&OR regulatory exams/audits/inquiries and may provide consultation to business leaders in preparation for FLU/CF regulatory exams/audits/inquiries.

The C&OR Manager plans, drives and reviews team deliverables to support consistent quality of activities, processes and outputs. This role may contribute as a manager responsible for providing leadership direction to attract, assess, develop, motivate and retain a team, or may act as an individual contributor.

The C&OR Manager contributes to the requirements of the CORM Program requirements including, but not limited to the following activities:

• Produces and/or oversees the development of independent risk management reporting for respective area(s) of coverage as input governance and management routines
• Provides subject matter expertise to assist the FLU/CF in establishing an annual learning plan, may be accountable for developing and delivering training content
• Develops and maintains C&OR-owned policies and standards and/or provides oversight of FLU/CF-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of independent risk monitoring, testing and risk assessments, communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Required Skills: Minimum Years of Business & Functional Experience: 7 Years
Degree Required: Bachelor’s Degree; May require regulatory examination/registration or certification depending on jurisdiction and role

Specific LOB/segment/coverage area of this role: Core Technology Infrastructure (CTI) - Patching.


The Compliance and Ops Risk Manager is responsible for engaging in activities to contribute to the independent risk oversight of Core Technology Infrastructure (CTI) performance and any related third party/vendor relationships in alignment with the Risk Management Program.

As a member of a GTO Compliance and Operational Risk team, the Compliance and Ops Risk manager demonstrates and applies technology expertise in conjunction with risk acumen to promote a culture of compliance and the identification, escalation and timely mitigation of compliance and operational risks.

This role exercises judgment and influence, and may constructively challenge CTI leaders to support the Global Risk program objectives, balancing business strategy with appropriate controls.

Role activities:
• Assist the Compliance Executive in maintaining and communicating regulatory changes, advising and directing business leaders to ensure that regulatory requirements are addressed in their respective process and controls so that their day to day activities operate in a compliant manner.
• Engage other compliance officers and horizontal function roles to provide oversight of CTI activities.
• Conduct risk assessments of CTI (annual and targeted).
• Contribute to monitoring and testing coverage plans and related metrics for CTI.
• Monitor and test the effectiveness of CTIs control environment.
• Identify aggregate, report and escalate risks, issues and control enhancements.
• Assist business leaders in preparations for regulatory exams and audits for CTI.

This role will require partnering with CTI and across GTO to review processes that adhere to the bank security standards and other regulatory mandates.  A familiarity with Global Information Security baselines for patching GTO infrastructure.

Required and desired qualifications:

• 5+ years in Technology infrastructure
• Understanding of IT or Operations principles and controls
• Release Analysis
• Working knowledge of enterprise architecture
• Exposure to Information Security and Vulnerability Patching
• Effective communication with partners
• Analysis, problem solving, and business relationships skills
• Self-motivated, operates with a sense of urgency and strong attention to detail
• Advanced knowledge in the use of data analytic tools (Excel, Access, Tableau etc.)

• Financial Services or similarly regulated sector

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21053061

Band: H4

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

James Henry

Referral Bonus:

0