girl looking into her desktop
Back to search results

Information Security Policy Adherence Assessment Compliance and Operational Risk Specialist

Charlotte, North Carolina;

Job Description:

The Compliance and Operational Risk (“C&OR”) Specialist assists the C&OR officer team in activities to contribute to the independent compliance and operational risk oversight of Front Line Unit or Control Function (“FLU/CF”) performance and any related third party/vendor relationships in alignment with the Global Compliance -- Enterprise Policy, the Operational Risk Management -- Enterprise Policy (collectively “the Policies”) and the Compliance and Operational Risk Management (“CORM”) Program and Standard Operating Procedures (SOPs).

The C&OR Specialist assists in engaging other C&OR officers, including horizontal coverage owners and Enterprise Areas of Coverage (“EAC”), to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The C&OR Specialist assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries.

The C&OR Specialist is accountable for assisting the C&OR Team in the proactive identification, escalation and timely mitigation of compliance and operational risks through the execution of some or all of the following activities:

• Assists in the development of independent risk management reporting for respective area(s) of coverage as input into governance and management routines
• Contributes to the oversight of FLU/CF training which may include content development and/or tracking and communication of employee completion rates
• Assists with the development and maintenance of C&OR owned policies and standards and/or the oversight of FLU/CF-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory; may support communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements
• Assists in identifying, aggregating, reporting, escalating, inspecting and challenging remediation plans, and performing thematic analysis on FLU/CF-owned issues and control enhancements
• Assists in remediating C&OR “owned” issues and control enhancements
• Contributes to risk coverage plan development, executes independent risk monitoring, testing, and risk assessments, communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Supports the review and challenge of internal and external operational loss events, including development of remediation plans to strengthen controls
• Assists with the development of risk metrics, monitors related performance and breach remediation

Required Skills:
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies 
• Information Security, Auditing, or Control Function background is desired, but not required 
• Understanding of how technology interacts with other technology 
• Highly organized and motivated to deliver results with minimal direction 
• Creative and proactive problem solver – ability to understand what the team needs and offer  suggestions above and beyond what they desire 
• Naturally curious individual with the ability to quickly become the authority in the various data and  systems used by the team 
• Strong relationship, team building and facilitation skills 
• Proficient with Microsoft Office (Word, PowerPoint, Excel) and Visio

Desired Skills:
• 5 years of experience operating within an information security environment.
• Bachelor's degree in Information Technology or related field
• Prior Governance, Compliance, and or Audit experience desired.
• Broad awareness of information security operations and/or enterprise information technology (Enterprise data management, application development, network management).
• Familiarity with independent audit, assessment, QA/QC functions desired.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Compliance and Operational Risk (“C&OR”) Specialist assists the C&OR officer team in activities to contribute to the independent compliance and operational risk oversight of Front Line Unit or Control Function (“FLU/CF”) performance and any related third party/vendor relationships in alignment with the Global Compliance -- Enterprise Policy, the Operational Risk Management -- Enterprise Policy (collectively “the Policies”) and the Compliance and Operational Risk Management (“CORM”) Program and Standard Operating Procedures (SOPs).

The C&OR Specialist assists in engaging other C&OR officers, including horizontal coverage owners and Enterprise Areas of Coverage (“EAC”), to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The C&OR Specialist assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries.

The C&OR Specialist is accountable for assisting the C&OR Team in the proactive identification, escalation and timely mitigation of compliance and operational risks through the execution of some or all of the following activities:

• Assists in the development of independent risk management reporting for respective area(s) of coverage as input into governance and management routines
• Contributes to the oversight of FLU/CF training which may include content development and/or tracking and communication of employee completion rates
• Assists with the development and maintenance of C&OR owned policies and standards and/or the oversight of FLU/CF-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory; may support communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements
• Assists in identifying, aggregating, reporting, escalating, inspecting and challenging remediation plans, and performing thematic analysis on FLU/CF-owned issues and control enhancements
• Assists in remediating C&OR “owned” issues and control enhancements
• Contributes to risk coverage plan development, executes independent risk monitoring, testing, and risk assessments, communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Supports the review and challenge of internal and external operational loss events, including development of remediation plans to strengthen controls
• Assists with the development of risk metrics, monitors related performance and breach remediation

Required Skills:
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies 
• Information Security, Auditing, or Control Function background is desired, but not required 
• Understanding of how technology interacts with other technology 
• Highly organized and motivated to deliver results with minimal direction 
• Creative and proactive problem solver – ability to understand what the team needs and offer  suggestions above and beyond what they desire 
• Naturally curious individual with the ability to quickly become the authority in the various data and  systems used by the team 
• Strong relationship, team building and facilitation skills 
• Proficient with Microsoft Office (Word, PowerPoint, Excel) and Visio

Desired Skills:
• 5 years of experience operating within an information security environment.
• Bachelor's degree in Information Technology or related field
• Prior Governance, Compliance, and or Audit experience desired.
• Broad awareness of information security operations and/or enterprise information technology (Enterprise data management, application development, network management).
• Familiarity with independent audit, assessment, QA/QC functions desired.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21072111

Band: H5

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

James Henry

Referral Bonus:

0

Street Address

Primary Location:
100 N TRYON ST, NC, Charlotte, 28255
Additional Locations: