girl looking into her desktop
Back to search results

Global Change EAC Compliance & Operational Risk Specialist - Oversight & Assessments

Charlotte;

Job Description:

The Enterprise Area of Coverage (EAC) Compliance & Operational Risk (C&OR) Specialist is an individual contributor member of an EAC C&OR team that is responsible for enterprise-wide oversight of processes, controls, laws, rules, and/or regulations that have enterprise-wide applicability, affecting two or more Front Line Units or Control Functions (“FLU/CF”) (examples include Third Party, Privacy, Reg W). Responsibilities include identifying, escalating and mitigating risks in a timely manner in alignment with the C&OR Management (“CORM”) Program, with the Global Compliance -- Enterprise Policy, the Operational Risk Management -- Enterprise Policy (collectively “the Policies”), and delivering on the other requirements in the Policies.
The EAC C&OR Specialist assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Specialist also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries.

Activities this role performs for their area of coverage include, but are not limited to:

• Assists in the development of independent risk management reporting as input into governance and management routines
• Assists with the oversight of FLU/CF training, which may include content development and/or tracking and communication of completion rates
• Assists with the development and maintenance of C&OR-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory; may support communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements
• Assists in identifying, aggregating, reporting, escalating, inspecting and challenging remediation plans, and performing thematic analysis on FLU/CF-owned issues and control enhancements
• Assists in remediating C&OR “owned” issues and control enhancements
• Executes C&OR Monitoring, Testing, and Assessments; communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Supports the review and challenge of internal and external operational loss events, including development of remediation plans to strengthen controls
• Supports Scenario Analysis activities to provide a forward-looking estimate of hypothetical operational losses
• Assists with the development of risk metrics, monitors related performance and breach remediation

Required Skills: Minimum Years Business & Functional Experience: 3 years
Degree Required: Bachelor’s Degree or equivalent experience

Desired Skills: Knowledge of or certification in law, rule, regulation or area of coverage (i.e.: SCRA, Privacy); Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Required Skills and Experience:
• 2+ years of Audit, Risk, Compliance, Change Management, Project Management experience
• 2+ years of direct experience with compliance risk identification and/or oversight
• 4 Year degree or equivalent relevant experience
• Superior critical thinking ability, intellectual curiosity, willingness, and desire to learn new skills with an attention to details
• Proficient at adapting to and managing constant change

• Communication –
o Develop draft leadership communication materials (e.g., PowerPoint presentations) with minimal guidance
o Ability to document and maintain procedures
• Analytical skills –
o Analyze data and trends with comprehension of the details report and escalate when needed, recognize trends in performance and identify systemic skill gaps to curate solutions
o Synthesize information/data and determine issue/solution
o Ability to identify risks in “gray areas”
• Facilitation –
o Demonstrates the knowledge, skills, motivations, and behaviors required to be a successful meeting facilitator while maintaining audience attention and engagement
• Prioritization –
o Demonstrate an agile work methodology, adjusting priorities as business needs evolve
o Independently manage and prioritize time and deliverables with minimal supervision
• Change Management –
o Candidate will need to demonstrate an understanding of the Global Change Policy, Standards, requirements
o Seeks best practices and insights, reaches beyond own experience, engages top performers and global resources for input on best practices
• Compliance and Risk Management Acumen -
o Ability to identify, escalate, debate and recommend solutions to risk management issues in a regulated environment
o Promoting a culture across the company where risk management is embraced as vital to achieving responsible growth

Desired Skills and Experience:
• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or alternate compliance certification
• Experience implementing compliance and risk mitigation, oversight, and/or assessments focused on change both technical or non-technical
• Experience with implementing technical changes, release readiness, incident management, problem management, permit to operate, permit to send
• Data Analytics / Automation Skills (intermediate Excel, Access, and SharePoint, SQL, Apteryx, SAS,) a plus
• Working knowledge of evaluating effective Quality Assurance programs, procedures and scripts
• Working knowledge of essential tools such as PPRT, Remedy, AppHQ, CECE, GCP AR, JIRA, Changescape, eSMART, Process Owner Portal (POP) and ORCIT

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

2000

Job Description:

The Enterprise Area of Coverage (EAC) Compliance & Operational Risk (C&OR) Specialist is an individual contributor member of an EAC C&OR team that is responsible for enterprise-wide oversight of processes, controls, laws, rules, and/or regulations that have enterprise-wide applicability, affecting two or more Front Line Units or Control Functions (“FLU/CF”) (examples include Third Party, Privacy, Reg W). Responsibilities include identifying, escalating and mitigating risks in a timely manner in alignment with the C&OR Management (“CORM”) Program, with the Global Compliance -- Enterprise Policy, the Operational Risk Management -- Enterprise Policy (collectively “the Policies”), and delivering on the other requirements in the Policies.
The EAC C&OR Specialist assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Specialist also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries.

Activities this role performs for their area of coverage include, but are not limited to:

• Assists in the development of independent risk management reporting as input into governance and management routines
• Assists with the oversight of FLU/CF training, which may include content development and/or tracking and communication of completion rates
• Assists with the development and maintenance of C&OR-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory; may support communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements
• Assists in identifying, aggregating, reporting, escalating, inspecting and challenging remediation plans, and performing thematic analysis on FLU/CF-owned issues and control enhancements
• Assists in remediating C&OR “owned” issues and control enhancements
• Executes C&OR Monitoring, Testing, and Assessments; communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA)
• Supports the review and challenge of internal and external operational loss events, including development of remediation plans to strengthen controls
• Supports Scenario Analysis activities to provide a forward-looking estimate of hypothetical operational losses
• Assists with the development of risk metrics, monitors related performance and breach remediation

Required Skills: Minimum Years Business & Functional Experience: 3 years
Degree Required: Bachelor’s Degree or equivalent experience

Desired Skills: Knowledge of or certification in law, rule, regulation or area of coverage (i.e.: SCRA, Privacy); Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Required Skills and Experience:
• 2+ years of Audit, Risk, Compliance, Change Management, Project Management experience
• 2+ years of direct experience with compliance risk identification and/or oversight
• 4 Year degree or equivalent relevant experience
• Superior critical thinking ability, intellectual curiosity, willingness, and desire to learn new skills with an attention to details
• Proficient at adapting to and managing constant change

• Communication –
o Develop draft leadership communication materials (e.g., PowerPoint presentations) with minimal guidance
o Ability to document and maintain procedures
• Analytical skills –
o Analyze data and trends with comprehension of the details report and escalate when needed, recognize trends in performance and identify systemic skill gaps to curate solutions
o Synthesize information/data and determine issue/solution
o Ability to identify risks in “gray areas”
• Facilitation –
o Demonstrates the knowledge, skills, motivations, and behaviors required to be a successful meeting facilitator while maintaining audience attention and engagement
• Prioritization –
o Demonstrate an agile work methodology, adjusting priorities as business needs evolve
o Independently manage and prioritize time and deliverables with minimal supervision
• Change Management –
o Candidate will need to demonstrate an understanding of the Global Change Policy, Standards, requirements
o Seeks best practices and insights, reaches beyond own experience, engages top performers and global resources for input on best practices
• Compliance and Risk Management Acumen -
o Ability to identify, escalate, debate and recommend solutions to risk management issues in a regulated environment
o Promoting a culture across the company where risk management is embraced as vital to achieving responsible growth

Desired Skills and Experience:
• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or alternate compliance certification
• Experience implementing compliance and risk mitigation, oversight, and/or assessments focused on change both technical or non-technical
• Experience with implementing technical changes, release readiness, incident management, problem management, permit to operate, permit to send
• Data Analytics / Automation Skills (intermediate Excel, Access, and SharePoint, SQL, Apteryx, SAS,) a plus
• Working knowledge of evaluating effective Quality Assurance programs, procedures and scripts
• Working knowledge of essential tools such as PPRT, Remedy, AppHQ, CECE, GCP AR, JIRA, Changescape, eSMART, Process Owner Portal (POP) and ORCIT

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-22047354

Band: H5

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

Kayla Fimple

Referral Bonus:

2000