
Operational Risk Management Director in Lynn, MA at Eastern

Date Posted: 8/18/2018

Job Snapshot

  • Location:
    Lynn, MA
  • Experience:
    At least 10 year(s)

Job Description

Committed, inclusive, and courageous; that’s Eastern Bank!  Since 1818 we have built a legacy of investing in the communities we serve and helping our customers and employees thrive and grow.  This legacy is what drives our brand purpose: We do good things to help people prosper.

With $10 billion in assets and over 120 locations in eastern Massachusetts and southern and coastal New Hampshire, we have the size, stability, technology and knowledge to deliver custom-tailored financial solutions in a convenient way.  We pride ourselves on working hard to understand our customer and client needs, so that we can deliver better service within banking, investments, and insurance, in a committed and personal way.

At Eastern, we are a passionate and innovative team focused on serving our customers and supporting our communities.  We bring different perspectives, skills and backgrounds with more than 50 languages and dialects represented.  Eastern has been recognized for 10 years in a row by the Boston Globe as a Top Place to Work.  So, come Join Us For Good!

The Operational Risk Management Director is responsible for the development of, and adherence to, operational risk policies and standards for the enterprise. The role includes effective utilization and continuous development of the operational risk management framework as a key component of the Enterprise Risk Management Program. The operational risk management framework sets forth the enterprise-level governance, policies and practices to proactively identify, assess, mitigate, monitor, and report on operational risk exposures in business and operations at all levels of the organization. The Operational Risk Management Director will play a critical role in supporting senior management in ensuring that a cohesive structure and process exists to manage the variety of operational risk impacts that face the organization.

Responsibilities include: 

  • Establish and implement an Operational Risk policy and framework for standards and practices relative to operational risk management across the enterprise within the broader ERM program. Work with the Chief Risk Officer to ensure the operational risk framework effectively aligns with the ERM strategic vision and provides the desired level of governance and reporting to Senior Management and the Board.
  • Responsible for the company’s GLBA Compliance Program, Customer Information Breach Program, Vendor Management Program, Business Continuity Planning, New Initiative Program, as well as the Control Exception Program. Direct the Operational Risk team and business lines to execute processes related to all programs in adherence with regulatory requirements and expectations.
  • Responsible for leading the software development strategy and system administration of the GRC platform, Archer. Evaluate business use cases and ensure data and integration are effectively managed to ensure accurate risk reporting.
  • Participate on or chair any management-level risk committees formed to manage escalations of operational risk issues and build sustainable reporting to ensure proactive operational risk management across the lines of business and functional groups.
  • Play a lead role in the evaluation and remediation of operational risk deficiencies and risk events including root cause analysis and process improvement recommendations. Partner with appropriate areas such as Compliance, Information Security, Fraud Management, Legal, Security, Audit etc., as necessary to ensure operational risk events are properly addressed, documented and reported.
  • Partner closely with management of all lines of business and functional areas on the development of key risk metrics, process controls, new products, change controls, common risk taxonomy, and risk profile updates.
  • Build relationships with all levels of management to effectively execute the operational risk management strategy and framework. Analyze and report first line risk and control assessments.
  • Interact with regulators as needed and maintain a working knowledge of Federal and State banking laws and regulations. Analyze the impact of our training programs and make recommendations for changes as needed.  Keep abreast of the latest operational risk management techniques and industry best practices.
  • Manage department staff development and training efforts. Responsible for the department strategy, contributing to the overall ERM strategy, and appropriately managing the department budget forecasting and spend.

Job Requirements

  • Minimum Years of Experience: 10+ years is recommended along with a demonstrable track record of working from the bottom up in a risk management capacity and managing/leading risk management functions and teams.
  • Minimum Degree Required: Bachelor’s degree required.
  • Certification(s):  Vendor-neutral certifications are preferred, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).
  • Preferred Knowledge:
  • Understanding of Financial Services-related regulations and standards (FFIEC, SEC, FINRA, Federal Reserve, FDIC, OCC, PCI DSS, etc.)
  • Understanding of core product/services risks, business processes, and internal controls related to non-financial reporting, including control frameworks such as COSO, CoBIT, and ITIL.
  • Relevant subject matter expertise to support the development of thought leadership within the bank.
  • Demonstrates strong risk assessment skills incorporating the risk/control/gap format. 
  • Demonstrates project management skills related to risk management projects, including developing project plans, budgets, and deliverables schedules.
  • Demonstrates extensive abilities as a team leader, which includes creating a positive environment; monitoring workloads of the team while meeting management expectations; respecting the work-life quality of team members; providing candid, meaningful feedback in a timely manner; and keeping leadership informed of progress.
  • Hands-on experience effectively utilizing one of the leading GRC solutions, preferably RSA Archer.
  • Proficient and comfortable working with productivity tools such as MS Office and SharePoint to quickly and accurately document, analyze, and present relevant data.