Compliance and Operational Risk Specialist

Charlotte

Bank of America

What would you like the power to do? For you and your family, your business and your community. At Bank of America, our purpose is to help make financial lives better through the power of every connection.


Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

The Cybersecurity Control & Planning Governance role focuses on regulatory change processes specific to information security. Strong policy, control, and LRRG knowledge is needed to effectively identify cybersecurity-related LRRGs and new issuing authorities, and to evaluate policy, standard, process, and control coverage of regulatory requirements. The role also evaluates regulatory change processes, including effective risk identification, reporting, and escalation. Key focus areas for this role:

  • Identification and evaluation of new, changed, or proposed laws, rules, regulations, and guidance (LRRGs) related to information security

  • Evaluation of applicability of the LRRG to the Bank and Information

  • Analyze and validate coverage of an LRRG from a GIS Policy, Standards and Process/Controls perspective

  • Communicate and report on Compliance and Operational risk oversight and coverage

Job Description:

This job is responsible for assisting the Compliance and Operational Risk officer team to execute second line of defense compliance and operational risk oversight for a Front-Line Unit, Control Function, and/or Third Parties. Key responsibilities include ensuring requirements of the Global Compliance Enterprise Policy, the Operational Risk Management Enterprise Policy (collectively “the Policies”), the Compliance and Operational Risk Management Program and Standard Operating Procedures are implemented and identifying, challenging, escalating, and mitigating risks in a timely manner.
 

Responsibilities:

  • Assists in assessing risks, associated controls and their effectiveness, while driving compliance with applicable laws, rules, and regulations, adhering to policies, and developing reporting and documentation

  • Engages in activities to provide support to the Compliance and Operational Risk teams in order to provide independent compliance and operational risk oversight of Front-Line Unit or Control Function performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management Program and Standard Operating Procedures

  • Assists in identifying and escalating problems or issues that arise and drives actions to address the root causes that lead to compliance risk issues and/or operational risk losses

  • Assists in the development of independent risk management reporting for respective area(s) of coverage as input into management routines

  • Assists in responding to regulatory inquiries and other audits and examinations

  • Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintains a comprehensive regulatory inventory

Skills

  • Monitoring and Testing

  • Process Management

  • Regulatory Compliance

  • Reporting

  • Risk Management

  • Interpret Relevant Laws, Rules, and Regulations

  • Issue Management

  • Policies, Procedures, and Guidelines Management

  • Attention to Detail

  • Critical Thinking

  • Advisory

  • Business Process Analysis

  • Active Listening

  • Written Communications

  • Minimum Education Requirement: Null

Communicates and Influences with Impact:

  • Written and oral communications are clear, direct, concise and simple; avoids jargon

  • Applies the context to work deliverables; demonstrates understanding of the "why"

  • Adjusts style and personalizes message to best connect with others

  • Supports opinion and recommendations with facts and data

  • Shares opinion with confidence; stands up for what is right

Demonstrates Business Acumen:

  • Understands the organization’s overall strategy and how the business operates

  • Understands the purpose, risks, procedures, controls, and escalation requirements related to their job

  • Identifies and suggests business improvements and solutions

  • Supports transfer of knowledge of the business to others

Demonstrates Learning Agility:

  • Demonstrates the ability to remain flexible and adaptable in order to learn/apply new concepts and stay current on emerging trends (i.e. new technology)

  • Asks questions in an effort to understand, drawing connections and similarities in order to frame new challenges/opportunities; leverages information to take calculated risks

  • Proactively brainstorms and researches a wide range of options to find the best solutions to address opportunities

  • Proactively engages others for feedback as an opportunity to drive improvement (for self and the business)

Delivers Results:

  • Demonstrates bias for action in order to execute business priorities

  • Holds self and others accountable for consistent quality execution of procedures, controls, and risk escalation

  • Demonstrates and encourages collaboration within and beyond team

  • Advocates the value of change and gets team and key stakeholders on board

Cultivate Talent & Organization:

  • Actively supports and participates in an environment that values diversity, where people can speak up, share bad news and get better outcomes through dialogue and debate

  • Supports opportunities to build a pipeline of strong, diverse talent

  • Supports the growth and development of junior talent; provides peer coaching and feedback


Delivers Second-Line Risk Management:

  • Understands the Compliance & Ops Risk Program and how it applies to daily work activity

  • Knows how laws, rules and regulations apply to businesses, functions, products, jurisdictions and/or the enterprise

  • Understands the business processes (design through execution), the role of effective controls, and the potential impact to operational losses

  • Assesses for and identifies compliance and operational risks in the activities of a FLU/ECF or the Company (EAC) through monitoring, assessment and testing activities

  • Documents, analyzes, reports and escalates as needed risk issues (e.g., control weaknesses, violations, metric breaches)

  • Mitigates compliance and operational risk through means such as policy reviews and updates, issue remediation/action plans, and training needs

  • Communicates risks and issues concisely, clearly, and in a timely manner; drives transparency and accountability with appropriate parties

  • Supports the execution of risk governance and management routines

  • Escalates risks not being mitigated in a timely manner to appropriate leaders and senior management

Required Skills:

  • Regulatory Compliance

  • Interpret Relevant Laws, Rules, and Regulations

  • GIS Policy, Standards and Baselines Management

  • Risk Management

Desired Skills:

  • Monitoring and Testing of Processes/Controls

  • Process Management

  • Executive Reporting

  • Issue Management

Shift:

1st shift (United States of America)

Hours Per Week: 

40
Category: Compliance Jobs

Tags: Audits Compliance Governance Monitoring Risk management Strategy

Perks/benefits: Career development Equity / stock options Flex hours Transparency

Region: North America
Country: United States
