HOW WILL YOUR ROLE IMPACT FIRST COMMAND?
Working with Business and BIS leaders, the Risk and Controls Program Manager will develop, implement and maintain a comprehensive risk and controls framework and “Second Line of Defense” to monitor and assess internal controls performance. Primary overall objectives include identification of existing controls; development of new controls in collaboration with Business leaders; and documentation and ongoing assessment/testing of risk and controls across the Enterprise.
WHAT WILL YOU BE DOING?
- Identify key process owners that will serve as points of contact for process, risk and controls, and assessment documentation
- Develop and coordinate/lead a Second Line of Defense team of business unit representatives responsible for implementing, documenting and assessing risk and controls
- Conduct training sessions with business owners and leadership on risk and controls, process documentation expectations and vision of Second Line implementation
- Identify and help the business remediate risk exposures due to lack of controls (design gaps)
- Work with business owners to ensure controls are performing in accordance with agreed implementation schedules
- Work with Internal Audit to align with the annual risk assessment process to capture controls status across all eight categories of risk
- Work closely with Internal Audit to leverage past audits, business process and IT process identification as well as alignment on documentation of risk and controls and self-assessment process
- Develop an assessment schedule that aligns with Internal Audit plans to ensure that areas due for audit are prioritized from a self-assessment perspective
- Effectively communicate the status of controls to regulators for purposes of annual exams
- Identify appropriate Governance, Risk and Control (“GRC”) tools for possible use to house risk and controls framework and self-assessment results
NOTE: The list of essential job functions is not exhaustive and may be supplemented by the supervisor as necessary.
KNOWLEDGE, SKILLS, AND ABILITIES (COMPETENCIES) REQUIRED
- Experience with both Business Process and IT risks and controls
- Experience leading teams and training personnel at all levels
- Strong collaborator and highly effective communicator
- Agile experience preferred
SUPERVISORY RESPONSIBILITY
- Manage/Supervise the Compliance Officer, Internal Control position.
WHAT SKILLS/QUALIFICATIONS DO YOU NEED?
- Ten (10) or more years of experience in risk and controls documentation, implementation, and maintenance, including work as part of the Second Line of Defense for a financial services organization
- Certifications in Risk Management and/or CPA required
- Bachelor’s Degree required (Business, MIS, Accounting and/or Finance preferred)
Disclaimer
The information of this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job, which may vary on the department or the assignment. The actual essential duties, responsibilities and qualifications may vary by department, reporting structure and other business needs. No inference should be drawn that a specific job duty, responsibility or qualification is non-essential by its absence from this description.
#LI-NC1
Required Skills
Required Experience