Data Risk Management – Independent Risk Oversight

at Bank of America
Published January 27, 2022
Location Chicago, IL
Category Default  
Job Type Full-time  

Description

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Data Risk, Compliance and Operational Risk (EDR COR) seeks to deliver effective independent risk management of the activities and processes associated with managing the Company’s data. The team provides 2nd line oversight of the 1st line Enterprise Data Strategy & Governance (EDSG), Chief Data Office (CDO) and coordinates Enterprise wide Data Risk coverage with 2nd line partners (Global Compliance and Operational Risk, Coverage Risk Managers).

The Enterprise Data Risk Compliance and Operational Risk team is seeking multiple individuals with a focus on one the following data related skills sets:

• Data Architecture and Database architecture strategy – The EDR COR manager has knowledge of relational database design including structure/interface, cloud-based solutions, and data lineage. The EDR COR manager possesses a high level of skill in application deployment and workload architectures to better understand and identify data risks.

• Data Methods and Artificial Intelligence (AI) – The EDR COR manager has knowledge of data methods including artificial intelligence and machine learning and the ability to identify any risks which may have unintended consequences.

The Enterprise Data Risk Manager (EDR COR Manager) will lead the development, delivery and ongoing management of a 2nd line Independent Data Risk Management program of compliance and operational risk management (CORM). The role will develop and execute risk assessments of various types of data risks across lines of business and control functions, e.g. data quality risk, data movement risk, data fit for purpose risk and data governance. The EDR COR Manager will ensure effective analysis and measurements of key data risks are established, measured and monitored.

The EDR COR Manager assists in engaging other COR officers, including horizontal coverage owners, to provide comprehensive oversight of Front Lune Unit/Control Function activities and collaborates with1st line partners (EDSG & CDO) and 2nd line partners (GCOR Coverage Risk Managers). This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. Additionally, as an expert in a specific area of coverage, the EDR COR Manager should stay up to date on emerging data risk, capabilities, methods and tools.

The EDR COR Manager has one or more of the following:
• Understands governance and adoption of Authoritative Data Sources
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Understands the core methodology in AI solutions and the context in which it will be deployed so as to find risks/gaps
• Ability to review and challenge AI Governance and recommend alternative approaches or controls to mitigate risks/gaps identified
• Looks for unexpected risks / unintended consequences of an AI solution over its life cycle
• Knowledge of machine learning, natural language processing technology

The EDR COR Manager has
• Passion for data combined with intellectual curiosity and learning agility to accurately interpret, understand and evaluate a variety of risks to data across multiple lines of business and control functions
• Understanding of strategies to use data as an asset
• Strong business-centric mindset with ability to utilize sound business judgment to problem solve, make decisions in complex situations and drive issues to completion
• Strong analytical skills (including both analysis of financial data and written reports). Talk and writes in a clear, concise, organized, and convincing manner for the intended audience
• Experience in delivering projects and working with teams with diverse skill sets, executing a long term departmental strategy and comfortable with leading change

Required Skills
• 7+ years of Financial Services experience. Desirable experiences include Data Management, Risk Management Data Architecture or Data Tools. Note, diverse backgrounds or experiences welcomed
• Should have a passion for data and analysis, and how that information can be used for better planning and decision making
• Comfortable and capable of working with multiple business partners, clients, and senior executives, communicating with them at their level of analytical/technical understanding
• Strong data analysis, interpretation and data visualization skills

Desired Skills
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Solid experience with Data tools, analytics, reporting and technology experience ( i.e.Collibra, Blueprint, JIRA, Tableau, MicroStrategy)
• Vision- Takes a long-term view and builds a shared vision with others; acts as a catalyst for organization change. Influences others to translate vision into action
• Communication- Can articulately paint credible pictures & visions of possibilities and likelihoods
• Resilience- Deals effectively with pressure; remains optimistic and persistent, even under adversity. Recovers quickly from setbacks. On occasion required to take an unpopular stand
• Collaboration- Develops networks and builds alliances; collaborates across boundaries to build strategic relationships and achieve common goals. Influencing and negotiating across external stakeholders (regulators) as well as internal groups
• Interpersonal Skills- Treats others with courtesy, sensitivity, and respect. Considers and responds appropriately to the needs and feelings of different people in different situations
• Leveraging Diversity- Fosters an inclusive workplace where diversity and individual differences are valued and leveraged to achieve the vision and mission of the organization. Exposure and involvement with Employee Engagement initiatives including supporting Diversity & Inclusion efforts
• Developing Others- Develops the ability of others to perform and contribute to the organization by providing ongoing feedback and by providing opportunities to learn through formal and informal methods

• In depth knowledge of or certification in law, rule, regulation or area of coverage (ie: SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

-->

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Data Risk, Compliance and Operational Risk (EDR COR) seeks to deliver effective independent risk management of the activities and processes associated with managing the Company’s data. The team provides 2nd line oversight of the 1st line Enterprise Data Strategy & Governance (EDSG), Chief Data Office (CDO) and coordinates Enterprise wide Data Risk coverage with 2nd line partners (Global Compliance and Operational Risk, Coverage Risk Managers).

The Enterprise Data Risk Compliance and Operational Risk team is seeking multiple individuals with a focus on one the following data related skills sets:

• Data Architecture and Database architecture strategy – The EDR COR manager has knowledge of relational database design including structure/interface, cloud-based solutions, and data lineage. The EDR COR manager possesses a high level of skill in application deployment and workload architectures to better understand and identify data risks.

• Data Methods and Artificial Intelligence (AI) – The EDR COR manager has knowledge of data methods including artificial intelligence and machine learning and the ability to identify any risks which may have unintended consequences.

The Enterprise Data Risk Manager (EDR COR Manager) will lead the development, delivery and ongoing management of a 2nd line Independent Data Risk Management program of compliance and operational risk management (CORM). The role will develop and execute risk assessments of various types of data risks across lines of business and control functions, e.g. data quality risk, data movement risk, data fit for purpose risk and data governance. The EDR COR Manager will ensure effective analysis and measurements of key data risks are established, measured and monitored.

The EDR COR Manager assists in engaging other COR officers, including horizontal coverage owners, to provide comprehensive oversight of Front Lune Unit/Control Function activities and collaborates with1st line partners (EDSG & CDO) and 2nd line partners (GCOR Coverage Risk Managers). This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. Additionally, as an expert in a specific area of coverage, the EDR COR Manager should stay up to date on emerging data risk, capabilities, methods and tools.

The EDR COR Manager has one or more of the following:
• Understands governance and adoption of Authoritative Data Sources
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Understands the core methodology in AI solutions and the context in which it will be deployed so as to find risks/gaps
• Ability to review and challenge AI Governance and recommend alternative approaches or controls to mitigate risks/gaps identified
• Looks for unexpected risks / unintended consequences of an AI solution over its life cycle
• Knowledge of machine learning, natural language processing technology

The EDR COR Manager has
• Passion for data combined with intellectual curiosity and learning agility to accurately interpret, understand and evaluate a variety of risks to data across multiple lines of business and control functions
• Understanding of strategies to use data as an asset
• Strong business-centric mindset with ability to utilize sound business judgment to problem solve, make decisions in complex situations and drive issues to completion
• Strong analytical skills (including both analysis of financial data and written reports). Talk and writes in a clear, concise, organized, and convincing manner for the intended audience
• Experience in delivering projects and working with teams with diverse skill sets, executing a long term departmental strategy and comfortable with leading change

Required Skills
• 7+ years of Financial Services experience. Desirable experiences include Data Management, Risk Management Data Architecture or Data Tools. Note, diverse backgrounds or experiences welcomed
• Should have a passion for data and analysis, and how that information can be used for better planning and decision making
• Comfortable and capable of working with multiple business partners, clients, and senior executives, communicating with them at their level of analytical/technical understanding
• Strong data analysis, interpretation and data visualization skills

Desired Skills
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Solid experience with Data tools, analytics, reporting and technology experience ( i.e.Collibra, Blueprint, JIRA, Tableau, MicroStrategy)
• Vision- Takes a long-term view and builds a shared vision with others; acts as a catalyst for organization change. Influences others to translate vision into action
• Communication- Can articulately paint credible pictures & visions of possibilities and likelihoods
• Resilience- Deals effectively with pressure; remains optimistic and persistent, even under adversity. Recovers quickly from setbacks. On occasion required to take an unpopular stand
• Collaboration- Develops networks and builds alliances; collaborates across boundaries to build strategic relationships and achieve common goals. Influencing and negotiating across external stakeholders (regulators) as well as internal groups
• Interpersonal Skills- Treats others with courtesy, sensitivity, and respect. Considers and responds appropriately to the needs and feelings of different people in different situations
• Leveraging Diversity- Fosters an inclusive workplace where diversity and individual differences are valued and leveraged to achieve the vision and mission of the organization. Exposure and involvement with Employee Engagement initiatives including supporting Diversity & Inclusion efforts
• Developing Others- Develops the ability of others to perform and contribute to the organization by providing ongoing feedback and by providing opportunities to learn through formal and informal methods

• In depth knowledge of or certification in law, rule, regulation or area of coverage (ie: SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Data Risk, Compliance and Operational Risk (EDR COR) seeks to deliver effective independent risk management of the activities and processes associated with managing the Company’s data. The team provides 2nd line oversight of the 1st line Enterprise Data Strategy & Governance (EDSG), Chief Data Office (CDO) and coordinates Enterprise wide Data Risk coverage with 2nd line partners (Global Compliance and Operational Risk, Coverage Risk Managers).

The Enterprise Data Risk Compliance and Operational Risk team is seeking multiple individuals with a focus on one the following data related skills sets:

• Data Architecture and Database architecture strategy – The EDR COR manager has knowledge of relational database design including structure/interface, cloud-based solutions, and data lineage. The EDR COR manager possesses a high level of skill in application deployment and workload architectures to better understand and identify data risks.

• Data Methods and Artificial Intelligence (AI) – The EDR COR manager has knowledge of data methods including artificial intelligence and machine learning and the ability to identify any risks which may have unintended consequences.

The Enterprise Data Risk Manager (EDR COR Manager) will lead the development, delivery and ongoing management of a 2nd line Independent Data Risk Management program of compliance and operational risk management (CORM). The role will develop and execute risk assessments of various types of data risks across lines of business and control functions, e.g. data quality risk, data movement risk, data fit for purpose risk and data governance. The EDR COR Manager will ensure effective analysis and measurements of key data risks are established, measured and monitored.

The EDR COR Manager assists in engaging other COR officers, including horizontal coverage owners, to provide comprehensive oversight of Front Lune Unit/Control Function activities and collaborates with1st line partners (EDSG & CDO) and 2nd line partners (GCOR Coverage Risk Managers). This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. Additionally, as an expert in a specific area of coverage, the EDR COR Manager should stay up to date on emerging data risk, capabilities, methods and tools.

The EDR COR Manager has one or more of the following:
• Understands governance and adoption of Authoritative Data Sources
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Understands the core methodology in AI solutions and the context in which it will be deployed so as to find risks/gaps
• Ability to review and challenge AI Governance and recommend alternative approaches or controls to mitigate risks/gaps identified
• Looks for unexpected risks / unintended consequences of an AI solution over its life cycle
• Knowledge of machine learning, natural language processing technology

The EDR COR Manager has
• Passion for data combined with intellectual curiosity and learning agility to accurately interpret, understand and evaluate a variety of risks to data across multiple lines of business and control functions
• Understanding of strategies to use data as an asset
• Strong business-centric mindset with ability to utilize sound business judgment to problem solve, make decisions in complex situations and drive issues to completion
• Strong analytical skills (including both analysis of financial data and written reports). Talk and writes in a clear, concise, organized, and convincing manner for the intended audience
• Experience in delivering projects and working with teams with diverse skill sets, executing a long term departmental strategy and comfortable with leading change

Required Skills
• 7+ years of Financial Services experience. Desirable experiences include Data Management, Risk Management Data Architecture or Data Tools. Note, diverse backgrounds or experiences welcomed
• Should have a passion for data and analysis, and how that information can be used for better planning and decision making
• Comfortable and capable of working with multiple business partners, clients, and senior executives, communicating with them at their level of analytical/technical understanding
• Strong data analysis, interpretation and data visualization skills

Desired Skills
• Experience in metadata management, architectural strategy, policy design, process design, business architecture and management information reporting
• Solid experience with Data tools, analytics, reporting and technology experience ( i.e.Collibra, Blueprint, JIRA, Tableau, MicroStrategy)
• Vision- Takes a long-term view and builds a shared vision with others; acts as a catalyst for organization change. Influences others to translate vision into action
• Communication- Can articulately paint credible pictures & visions of possibilities and likelihoods
• Resilience- Deals effectively with pressure; remains optimistic and persistent, even under adversity. Recovers quickly from setbacks. On occasion required to take an unpopular stand
• Collaboration- Develops networks and builds alliances; collaborates across boundaries to build strategic relationships and achieve common goals. Influencing and negotiating across external stakeholders (regulators) as well as internal groups
• Interpersonal Skills- Treats others with courtesy, sensitivity, and respect. Considers and responds appropriately to the needs and feelings of different people in different situations
• Leveraging Diversity- Fosters an inclusive workplace where diversity and individual differences are valued and leveraged to achieve the vision and mission of the organization. Exposure and involvement with Employee Engagement initiatives including supporting Diversity & Inclusion efforts
• Developing Others- Develops the ability of others to perform and contribute to the organization by providing ongoing feedback and by providing opportunities to learn through formal and informal methods

• In depth knowledge of or certification in law, rule, regulation or area of coverage (ie: SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Shift:

1st shift (United States of America)

Hours Per Week: 

40