ERM Business Analyst
|Position:||ERM Business Analyst|
|Reports To:||Director, Enterprise Risk Management|
|Location:||New York, NY|
The ERM Business Analyst supports the Enterprise Risk Management team in all aspects of the enterprise-wide risk management program. Responsibilities include executing the organization’s ERM Framework, as well as facilitate interfacing with functional units to establish and communicate risk management methodology, processes, risk appetite and risk culture.
This role will support leadership during a period of rapid organizational change and industry advancement, as well as technical efforts such increasing use of the Cloud. The role will ensure that the company appropriately prioritizes, manages and monitors risk by collaborating with several departments and defining risk ownership. A successful candidate will contribute to the Risk Management program by bringing experience and first-hand knowledge to the enhancement and ongoing execution of the ERM program.
- Bachelor’s degree in risk management, business administration, management information system, mathematics, finance, economics or a related area
- 2-3 years’ experience in a first or second line operational risk management program (preferably within Operations or Technology at a bank)
- Experienced in performing risk assessments, e.g. RCSA
- Demonstrated success supporting enterprise-wide functions and projects, and multi-tasking on projects with competing priorities
- Ability and eagerness to understand (at a high level) existing and emerging technologies, and to work with technical teams in a liaison-like capacity
- Ability to understand management objectives, risk appetite, tolerances and impact of changes to risk profiles
- Understanding of the financial regulatory environment for the banking industry and payment systems space
- Maintain current knowledge of new regulations and emerging industry risks and report potential and/or actual enterprise impact to management
- Ability to work independently and proactively; innovative, resourceful, results oriented, with appropriate judgment
- Experience with internal and external loss data analysis and reporting, scenario analysis, emerging events, and post-mortem/deep dives
- Well versed in risk taxonomy
- Familiarity with IT governance and controls, including governance and control frameworks, such as COBIT, ITIL, FFIEC, COSO or equivalent is a plus, but not required
- RSA Archer or other GRC experience
Essential Functions and Responsibilities:
- Contribute towards the design, development, implementation and execution of the ERM Framework in order to establish an effective risk-based system to identify, measure, monitor, report and control enterprise-wide risks
- Build, maintain and enhance business relations with department and business stakeholders for the smooth implementation of risk management activities across the organization
- Supporting the execution and ongoing enhancement of the company’s RCSA program. Work as an educator and partner by facilitating FLOD execution and performing SLOD challenge
- Champion timely remediation of self-identified issues
- Identify, understand and assess Information Technology and other enterprise risks associated with the operational processes
- Apply sound judgment in evaluating risks and controls; effectively challenge first line of defense on the identification and disposition of risks, and the adequacy of controls
- Perform risk assessments to identify current and emerging key risks (operational, technology, etc.)
Physical Demands and Work Environment:Work is generally sedentary in nature, but may require standing and walking. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available. Travel may be required.
- A letter of interest describing your experience and interest in the position
- Your resume
- Names and contact information of three references, or three letters of reference
* Please submit a single application per position.