Job Description : Your background
Your background
Functional expertise in Compliance or Risk Management in one or more Technology domains of software development and maintenance, infrastructure operations, information security or data architecture specific to Financial industry.
Experience in project management roles such as automation projects in an Operations department can also be considered.
Experience in cyber security roles can also be considered.
Experience in implementing technology frameworks such as Software Capability Maturity Model, IT Service Management, COBIT, IT Quality Assurance or Audit roles is desired
Exposure to compliance or risk management frameworks
An understanding of metrics and key risk indicators
Prior knowledge of regulations desirable but not essential
Practical approach to problem solving
Ability to work well in a team and also independently
Demonstrate intellectual curiosity and focused on continuous learning and skill development
Ability to effectively engage with stakeholders at all levels of seniority
Strong written and verbal communication skills
Proficient in Microsoft Office, in particular Word, Excel and PowerPoint
Must be able to perform well under pressure
Strong attention to detail and accuracy
What you can expect
The Compliance and Operational Risk (C&OR) Specialist is responsible for ensuring the identification, escalation and timely mitigation of compliance and operational risks, including information security risks, in Technology teams supporting Investment Banking, Corporate Banking, Research and related operations in alignment with the global compliance and operational policies and the program.
Proactively engage with other C&OR officers, including horizontal coverage owners and Enterprise Areas of Coverage, to provide comprehensive oversight of the business’ respective operations and activities.
Preparing materials for C&OR regulatory exams / audits / inquiries and provides consultation to business leaders in preparation for regulatory exams / audits / inquiries.
This role reports to the Head of Compliance and Operational Risk for Global Technology and Global Operations in APAC, and works inside, and is part of, the critical compliance and operational risk function.
The focus of this role is to conduct technology risk management, participate in the development of compliance and operational risk procedures, assist in management routines, reporting, assist in resolving compliance and operational issues and provide training and education.
What you will do
The responsibilities include regulatory change and inventory management, participation in governance and management routines such as APAC Technology and Operations Risk Forum, APAC Global Information Security Council, APAC Business Continuity Council.
Implementing monitoring and testing activities to evaluate controls within the front line units to manage technology risks.
Challenge adequacy of front line unit controls in managing internal and external technology risks include cyber risks
The individual will be responsible for compliance risk assessment of technology functions through both targeted and annual assessments.
Develops and maintains C&OR-owned policies and standards and / or provides oversight of Technology-owned policies, standards and procedures to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
Monitors the regulatory environment to identify regulatory changes applicable to areas of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and / or processes to address regulatory requirements, and challenges the implementation plan as needed;
maintains a comprehensive regulatory inventory
Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on business-owned issues and control enhancements
Ensures C&OR owned issues and control enhancements are identified and addressed appropriately and timely
Contributes to development of risk coverage plans, executes execution of monitoring, testing and risk assessments, communicates results to stakeholders
Reviews and challenges contributions to the business process, risk, control inventory and Risk & Control Self-Assessments
Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
Participates in Scenario Analysis activities and Tabletop exercises for coverage areas and challenges as appropriate
Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation
About Bank of America
Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries.
In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients.
We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.
Connecting Asia Pacific to the world
Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities.
Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.
