Risk Analysis Specialist II

Job Description:

Responsible for performing complex analysis and is engaged in the development of modeling that maximizes profits and asset growth and minimizes credit and operating losses and other risk exposures. Provides analytical support on various product strategies to ensure company goals are met. Coordinates the production of performance reports for Senior Management. Reviews and analyzes trends in current population distributions and recommends strategies. May participate in or develop complex program models to extract data and use databases to provide statistical and financial modelling.

Master's degree or large data experience preferred; Programming experience and relevant degree or large data experience required.

Overview of Global Risk Analytics
Bank of America Merrill Lynch has an opportunity for a Risk Analysis Specialist II (B5 Data Compliance Analyst) within our Global Risk Analytics (GRA) function. GRA is a sub-line of business within Global Risk Management (GRM).  GRA is responsible for developing a consistent and coherent set of models and analytical tools for effective risk and capital measurement, management and reporting across Bank of America. GRA partners with the Lines of Business and Enterprise functions to ensure that its models and analytics address both internal and regulatory requirements, such as quarterly Enterprise Stress Testing (EST), the annual Comprehensive Capital Analysis and Review (CCAR), and the Current Expected Credit Losses (CECL) accounting standard.  GRA models follow an iterative and ongoing development life cycle, as the bank responds to the changing nature of portfolios, economic conditions and emerging risks.  In addition to model development, GRA conducts model implementation, data management, model execution and analysis, forecast administration, and model performance monitoring. GRA drives innovation, process improvement and automation across all of these activities.
Overview of Consumer Operations & GRA Strategy

Consumer Operations & GRA Strategy is part of Global Risk Analytics (GRA). It is responsible for three primary bodies of work: strategic planning and delivery of major initiatives; program and project planning; and data management and model execution.

Strategy and Major Initiatives are responsible for the planning and delivery of a coherent model risk management framework and infrastructure across GRA. These efforts include the development of one universal platform for seamless model development and implementation, and improvements to the quality and consistency of the data sourced for all development and production purposes. The team also provides forward-looking plans and solutions to ensure that GRA is addressing internal and regulatory requirements in a strategic, coordinated and pro-active manner.
Programs and Projects provides project management oversight to key regulatory reviews such as the Current Expected Credit Losses (CECL) accounting standard and the Comprehensive Capital Analysis & Review (CCAR), as well as other strategic initiatives, including data, infrastructure and consumer model development. Additionally, the team ensures that technology roadmaps and data solutions align to Global Risk Management (GRM) strategies.
Consumer Risk Analytics Data Management and Model Execution responsible for driving the delivery of complete, accurate, timely, and compliant data for the consumer models. The team also develops, executes and manages the consumer model production processes, which provides required outputs for both forecast administrators (FAs) and front line units (FLUs).
 

Overview of the Role
This role drives execution of the Bank’s Risk Framework and enables the assessment GRA platforms and their and adherence to Enterprise-wide policies and standards. We promote a strong risk culture, underpinned by a proactive risk management approach. This enables the organization to deliver effectively for our operations and business partners and clients, thereby supporting our objective to build ‘best in class’ data and technology capabilities. We work in partnership with our Audit and Technology Compliance and Operational Risk (TCOR) partners. The team embraces our corporate values in our day to day interactions, and strive for continuous improvement in pursuit of Operational Excellence.
The analyst will support the team in executing internal control discipline. They will prepare documentation for the tracking, monitoring, and escalation of risk related issues to management. Incumbents typically have over 4+ years of risk management and/or LOB/ECF experience.

Key Responsibilities

• Enforce and enable compliance with firm-wide risk initiatives

• Support and guide Application Managers in the execution of risk management deliverables and track adherence and remediation progress thereof

• Participate in risk assessments to identify the incremental risks if any for the existing business and technology processes where required.

• Gather and organize data in order to monitor and test the effectiveness of key controls and status of mitigation and action plans

• Support the Issue Management process end-to-end, including development of action plans for self/audit/compliance-identified

• Participate in Internal and External Audit processes

• Support production of executive and other risk reporting

• Support Information Security risk reduction efforts including but not limited to; Application and Infrastructure Vulnerability management and associated exception processes

• Develop subject matter expertise in a risk domain

• Prepare relevant risk and control procedural documentation

• Develop operational understanding and capability for use of Risk and Control tools

• Act as an ambassador for risk culture

Required Skills:

• Experience in Technology Risk or Information Security (ideally with a Banking/Global Markets background)

• CISA, CISM, or CISSP preferred

• Co-ordination/ working with development teams spanning a large application portfolio

• Good working knowledge or experience with some of the following risk domains:

• Database and application security

• Access administration

• Infrastructure security

• Security event logging and monitoring

• Database/Application security protocols

• Secure software/code development

• Change management

• Vulnerability management

• Disaster recovery and business continuity

• Intellectual curiosity

• Proactive – self-starter

• Strong communication (oral and written) and presentation skills

• Develop and present executive reporting

• Problem solving, analytical and organizational skills

• Proficiency with MS-Office toolset; including Excel (for manipulating large datasets)

• Familiarity and operational experience with the following Bank tools:

• ART

• RISE

• Continuous Monitoring

• Trident - CSTAR

• Tableau reporting

• EIMS

• RODB

• ARM

• Remedy

• STR

Desired Skills:

• Previous Bank of America experience

Shift:

Hours Per Week: