Compliance, Conduct and Operational Risk (“CCOR”) organization is at the forefront of managing risk in a complex and changing regulatory environment. Joining our department, you’ll help to safeguard the firm’s business by developing solutions that balance risk and regulatory requirements with the firm’s business needs.
The CRA/TPGO–Central Utilities Team provides coverage across Audit and Exam Management, Senior Management Reporting, and other Utility Services, including (but not limited to) Control Management reviews, policies and procedures, IAS, and records management. The team works closely with the Risk Assessment Framework and TPGO stakeholders to execute and deliver on key priorities further described below.
The CCOR Risk Assessment and Framework (including CCOR Risk Taxonomies) team is responsible for providing governance over the Firm’s structured approach (e.g. Quality Risk Appetite, CCOR Review and Challenge of CORE Risk Assessment, Compliance Risk Assessment, Legal Entity Risk Assessment, AML & Sanctions Risk Assessment) to identify, evaluate, and manage compliance, conduct, and operational risks across the firm. It is designed to ensure robust risk management, regulatory compliance, and effective controls for all business activities and products. The framework is applied firmwide and is tailored to specific risk groups, business lines, and regulatory requirements.
The mission of CCOR Monitoring & Testing is to gain assurances that the firm's assessment of its control environment is sound by investing in our people, data assets and infrastructure to drive efficiency and expand the quantity and quality of risk coverage at the firm level. To facilitate this mission, several oversight groups have been established. The Testing Program Governance and Oversight (TPGO) group is responsible for providing independent governance and oversight of the Compliance, Conduct, and Operational Risk (CCOR) Monitoring and Testing (M&T) Program. This group operates within the Second Line of Defense (2LOD) and ensures the M&T Program is managed effectively, independently, and in alignment with firmwide standards and strategic objectives.
**Job responsibilities: **
- Own end-to-end reporting execution, managing the full lifecycle (intake, drafting, review, approvals, and final submission) to deliver consolidated updates for CRA and TPGO senior management.
- Maintain and refresh source documentation used to support the large language models (e.g. Monitoring and Testing; Regulatory Engagement), ensuring content remains current, complete, and well-governed.
- Coordinate the end-to-end tracking, closure, and archiving of regulatory exam and audit requests/responses, including uploading and indexing supporting documentation in Regulatory Strategy records management systems.
- Monitor regulatory engagements and produce periodic reporting, delivering clear, actionable status updates and insights to key stakeholders.
- Execute Control Management activities, including control reviews, policy/procedure recertifications, IAS-related support, and records management requirements.
- Support ad hoc deliverables as priorities arise (e.g. develop job-aides, data analysis/resolution), ensuring responsiveness to time-sensitive requests.
Required qualifications, capabilities, and skills:
- Qualified graduate with minimum of 10 +years of experience in the financial services industry in Risk and Compliance related roles.
- Thrive in a fast-paced environment; self-starter, able to manage competing priorities, exercise sound judgment, escalate appropriately, consistently meet deadlines and ability to deliver under pressure.
- Clear, concise communicator with strong stakeholder management skills; able to translate regulatory/compliance requirements into actionable guidance for business partners.
- Strong analytical skills: Proficient in advanced data analytics and reporting tools, including and not limited to Tableau, ThoughtSpot, and Alteryx, with demonstrated ability to leverage AI tools to drive insights and develop/enhance reporting prototypes.
- Intellectually curious with a growth mindset; willing to challenge the status quo, improve processes, and continuously upskill as regulations and business models evolve.
- Flexibility to work across time zones as needed (e.g., early morning/evening calls) to support stakeholders and cross-location coordination.
Preferred qualifications, capabilities, and skills:
- Experience in regulatory exam management or audit coordination and reporting.
- Good knowledge of risk management and control frameworks.
- Exposure to process improvement or transformation initiatives.
- Ability to build effective stakeholder collaboration across regions.