Operational Risk Advisor (Hybrid - See Job Description for Listed Locations)

This role is responsible for delivery of independent, risk-based challenge and second-line risk management support, in alignment with the Operational Risk Management Framework, applicable policies, regulatory expectations, and industry standards.  

The role reports to an Operational Risk Senior Manager and supports providing independent and objective insights to guide and influence business risk management in the enhancement and implementation of their risk management practices.

The role is responsible for assessing risks, threats, and opportunities, including those arising from evolving technologies, customer-facing digital channels, data-driven decisioning, and emerging business models.  The individual is expected to demonstrate strong knowledge of operational risk management principles, industry best practices, and the supported business areas, inclusive experience with technology-enabled process risk, third-party dependencies, data and model risk intersections, resilience and change management risk.

This role requires effective collaboration across risk partners, constructive engagement with key stakeholders, effective interaction with Technology and Product Owners, and meets the expectations of senior management, risk governance, and audit and regulators.  

The position demands sound independent judgment, the ability to operate with a high degree of autonomy in the oversight and/or execution of their role, as well as working effectively within the department, and effective integration within the broader risk organization.  Given the dynamic and evolving nature of the risk landscape, flexibility is required to leverage risk concepts and tools into areas where risk management processes may be immature or not fully documented.

Primary Responsibilities:

• Develop and deliver complex, ad hoc operational risk analysis and analytical reports.

• Prepare, review, and present clear, well‑supported risk opinions and materials for senior management and risk governance forums.

• Perform independent oversight and critical review and challenge of risk identification, assessment, monitoring, mitigation, and reporting across assigned business areas.

• Perform gap, control, and root cause assessments and evaluate the adequacy, effectiveness, timeliness, and sustainability of risk remediation plans. Escalate identified gaps appropriately.

• Guide and support first line implementation of the Operational Risk Management (ORM) Framework. Monitor execution for alignment with ORM policies and guidance, as well as supervisory expectations.

• Assess issues, control failures, or policy breaches to determine whether root cause has been adequately identified by first line and remediation plans are effective and sustainable. Escalate unmitigated risks, emerging issues, and remediation concerns through appropriate governance channels.

• Deliver objective insights to inform and influence business risk management and the ongoing enhancement of control practices.

• Collaborate with first‑ and second‑line partners, including technology risk, compliance, model risk, and other risk functions, to enhance risk processes, drive consistency, improve transparency, and deliver value‑added risk management outcomes.

• Stay current on emerging risks, industry trends, and regulatory developments; engage with external peers and professional organizations to proactively inform ongoing risk oversight and monitoring activities.

• Support change initiatives, promote adherence to internal control standards, and support audit and regulatory remediation efforts.

Supervisory/Managerial Responsibilities

No direct management but may provide guidance to others.

Education and Experience Required:

Bachelor’s degree and six years' experience in risk, compliance, legal, audit, or other relevant function,

OR in lieu of degree,

A combined minimum of ten years’ higher education and/or work experience including six years’ experience in risk, compliance, legal, audit, or other relevant function.

Proficient computer skills (including Excel, PowerPoint, and Power BI).

Analytical skills with strong written and verbal communications with all levels of management.

Working knowledge of relevant regulations and industry standards for Operational Risk Management.

Preferred skills & experience:

Working knowledge of enterprise governance, risk, and compliance platforms e.g. Archer, FusionRM etc. 

• Expertise in operational risk   and control self-assessment, control testing, issue management, and risk event reporting.

• Six years of progressive-growth experience within Operational Risk Management, Technology Risk Management, and/or Enterprise Risk Management.

• Hands-on experience in Operational Risk Tools, Metrics, and Monitoring Reports development and /or enhancement projects.

• Second line Operational Risk experience with a Category 3 or larger financial institution.