Risk and Control Manager

The newly formed Enterprise Technology Services (ETS) Control & Compliance, Process Risk Reduction & Enterprise Platforms (EP) Risk Advisory team, are dedicated to driving effective Operational Risk strategies as the Enterprise undergoes the transformation to strengthen our Risk Management programs, pillars and enablement functions.  This role will ensure the Global Loyalty & Benefits (GLB), Banking and Payments (B&P), Global Accounts Receivable (GAR) and Technology Business Enablement (TBE) ETS teams are equipped with in-depth knowledge of risk-stripes to manage and mitigate these risks effectively in addition to supporting the BU with expert guidance for topical Operational Risk intelligence.

How will you make an impact in this role?

The ETS Control & Compliance, Process and Risk Reduction team is looking for a Risk and Control Manager who will be focused on ensuring control management is embedded in the day-to-day operations for the EP organization.  It will involve extensive collaboration with multiple partners across numerous business units, functional areas and geographies.  Including the Risk ID teams, application teams and business units. This role will be in place to be an expert in the processes and associated controls to identify opportunities to elevate controls, support root cause and thematic analysis and provide recommendations on enhancing the controls for a given domain.

The Risk and Control Manager will:

• Provide additional identification of risks throughout business processes and systems (along with business process owners)
• Facilitate BUs in their risk assessments performance (e.g., Risk and Control Self Assessment (RCSA)) in addition to further assessments and testing / QA programs to ensure regulatory and internal standards are met (e.g., periodic RCSA reviews and update assessment criteria to align with regulatory updates)
• Provide recommendations and to elevate controls where there is failure and identify themes across the controls where repeat Issues arise to work on the root cause vs individual minor controls that may not be solving the main, systemic problem. 
• Conduct control monitoring (supplemental to BU process owners testing) and compile key operational risk trends, activities, and events
• Proactively help identify areas of high-risk for intervention (e.g., automated alerts generated for high-risk areas signal need for intervention and focus), including conducting independent quality assurance and vertical process testing
• Compile thematic risk reporting (levels, trends, causes) to provide actionable insights to BU on current risk levels, emerging trends and root causes
• Review categorization of controls and map against risks and processes (e.g., cross-BU process-control mapping)
• Proactively help identify certain areas of high-risk for intervention (e.g., automated alerts generated for high-risk areas signal need for intervention and focus), including conducting independent quality assurance and vertical process testing
• Advise BU with identification of risks and spotting areas where product changes or improved controls may be required within New Product Governance (NPG)
• Support risk management practices within the business
• Review risk dashboards and key risk indicators (KRIs) for ongoing monitoring
• Review risk profiles and an updated risk register(s)
• Support sharing insights, better practices, themes, etc. across the enterprise

Minimum Qualifications

• 3+ Years experience in operational risk management (e.g., within Risk and/or Internal Audit function) Understanding of critical operational risk management lifecycle activities 
• Strong project management, communication, and interpersonal skills 
• Experience in process governance, with an understanding of processes that align with policies, regulatory frameworks, and/or operational standards 
• Proficient analytical and problem-solving skills, with an ability to analyze data, identify trends, and evaluate risk scenarios effectively

Preferred Qualifications:  

• Bachelor's Degree in Finance, Business, Risk Mgmt., or related field; advanced degrees (e.g., MBA, MSc) or certifications are advantageous 
• Experience in at least one of the following:  
• Providing identification of operational risks throughout business processes and systems
• Facilitating risk assessment performance in addition to further assessments and testing programs to ensure regulatory and internal standards are met
• Enhancing risk assessments and associated methodologies 
• Reviewing independent control monitoring, including identification of control improvements
• Identifying areas of risk for intervention, including conducting independent quality assurance and process testing
• Reviewing thematic risk reporting to provide actionable insights on risk levels, emerging trends and root causes
• Experience in financial services industry