The Manager - Operational Risk Management is responsible for providing overall project management and leadership support to the Senior Director of Global Operational Risk Management and assisting with the development, implementation and support of the firm’s global operational risk framework, providing structured processes, tools, and assistance to business areas to capture, identify, evaluate, respond to, and report on risk issues. He/She will provide leadership to integrate Security Technology, Operations and Risk in creating Policy updates and training/awareness programs.

Job Description:

The Manager - Operational Risk Management will perform all or some of the following job description:

Enterprise Risk Architectural Design and Implementation

Plan, manage, and provide ongoing support for the firm’s global governance, operational risk, and compliance (GRC) framework
Develop risk standards and best practices documentation required to support the security, risk, and compliance programs
Develop a corporate threat, risk, vulnerability and risk remediation assurance and management program to identify, track, and remediate security and business operations vulnerabilities across the enterprise
Work with the business to design and implement operational risk and compliance assurance solutions that mitigate security threats and risks, protect the corporate infrastructure, and enable business
Plan, manage and conduct operational risk assessments as needed
Work as a team with other members of the GSO, as well as members of IT, Audit, Finance, Legal and other Company business entities
Support and manage the day to day running of the operational risk infrastructure.

Superior written and verbal communication skills and comprehensive understanding of Operational Risk & Privacy issues to be applied in the development of executive status
Ability to identify and effectively negotiate for complex security services offered by solution vendors that are sound technically and from a business perspective
Ability to communicate with business people who seek protection for information assets in a realistic and service-oriented manner
Ability to drive and conduct Global Theater Risk Assessments, including on-site assessments where feasible
Demonstrate competence in the fundamental legal concepts of "limited disclosure, chain of custody and evidence" in order to effectively manage exposure to the business
8-12 years of applicable experience in the Risk, Compliance, Business Security or Audit field
Ability to lead cross-functional teams, communicate well, and possess good analytical, technical, problem-solving, and organizational skills
Ability to adjust quickly to shifting priorities and make quick decisions with limited information
Ability to make decisions independently and in a self-directed manner in support of the goals of the team and organization, as well as be motivated to tackle challenging problems
Well versed in basic enterprise computing platforms, architectures, and technologies
Expert understanding of Risk Management platforms such as GRC applications
Experienced in designing, deploying and maintaining operational risk architectures in enterprise-class organizations
Experienced in computer security, data, and compliance incident handling and general understanding of the Advanced Persistent Threat
In-depth knowledge of computer security forensics and security vulnerabilities
Well versed in multiple enterprise security technologies
Familiarity with US and international security, privacy, and data protection laws and regulations, including HIPAA, PCI, and EU Directive.
Bachelor’s degree or industry equivalent work experience in international enterprise and business risk planning and management in a converged risk & security program
Certifications such as PMP, CISSP, CIPP, CISRCP, CISM, CRCMP, CISA.