Apply on Employer Site

Washington Trust Bank · 1 month ago

Operational Risk Analyst I/II

Spokane, WA

Full-time

Onsite

Mid, Senior Level

$57K/yr - $85K/yr

5+ years exp

Washington Trust Bank is seeking an Operational Risk Analyst to implement risk and governance efforts within the organization. The role involves maintaining risk documentation, conducting risk assessments, and overseeing business continuity planning activities.

FinanceFinancial Services

Comp. & Benefits

Responsibilities

Maintain governance documentation detailing how information should be secured, including the maintenance and development of internal process/procedure documentation, including but not limited to risk, technology, and cybersecurity policies and standards

Perform formal risk analysis and self-assessments for processes, leveraging industry standards like CIS, ITIL, and COBIT to build a unique program for assigned business unit

Analyze internal controls to ensure compliance with documented and approved standards. Ensure that information systems within environment comply with company policies, standards, and procedures

Assist with regular risk assessments, including organizing recurring meetings, reviewing and implementing process changes, business and/or support function procedures, internal controls, and assessment and/or development of internal documentation

Research and respond to risk and governance questions from business units

Drive, and provide advisory and subject-matter expertise, to appropriate support teams and business units for risk and compliance readiness

Responsible for tracking and monitoring gaps in the risk and governance program; maintain gap analysis documents, gather necessary information from technology and lines of business to identify areas to improve banking practices

Implement the process to identify new assets and perform the risk evaluation process to determine risk ranking

Facilitate and liaise with technology leaders and key corporate risk groups (including Internal Audit, Operational Risk Management, Corporate Compliance, Enterprise Risk Management and Legal) to ensure the program is aligned with these groups and meeting obligations

Support third-party audits and respond to risk/governance requests from regulators and auditors

Demonstrate compliance with all bank regulations for job functions and keep up to date on regulation changes

In conjunction with management, ensure compliance with appropriate regulatory and internal policies and procedures, including writing/revising policies and procedures as needed

Maintain thorough knowledge of risk and compliance as it relates to the Division

Conduct training sessions and other information meetings pertaining to Risk and Governance topics

Conduct ongoing Graham Leach Bliley Act (GLBA) assessments as assigned

Participates in special projects or duties as assigned

Performs ongoing activities for the bank’s Business Continuity Plan, maintaining plan information, and oversees Disaster Recovery Testing to include development of tabletop exercises

Evaluates the overall condition of the plan(s) and document any necessary changes

Assists Risk Management Ambassadors with Business Continuity Plan questions or application support issues during semi-annual and annual reviews

Develops disaster recovery plans for physical locations with critical assets such as data centers

Analyzes impact on, and risk to, essential business functions or information systems to identify acceptable recovery time periods and resource requirements (Business Impact Analysis)

Develops emergency management plans for recovery decision making and communications, continuity of critical departmental processes, or temporary shut-down of non-critical departments to ensure continuity of operation and governance

Evaluates applicable laws and regulations to determine impact on organizational activities as it relates to business continuity planning

Writes reports to summarize testing activities, including descriptions of goals, planning, scheduling, execution, results, analysis, conclusions, and recommendations

Identifies opportunities for strategic improvement or mitigation of business interruption and other risks caused by business, regulatory, or industry-specific change initiatives

Creates or administers training and awareness presentations or materials

Qualification

Risk managementBusiness continuity planningCompliance knowledgeInternal auditDisaster recovery testingRegulatory frameworksCross-functional collaborationFlexibility

Required

Knowledge of risk management processes, including internal audit and information management

Experience evaluating controls relative to various frameworks such as ISO 27002, NIST CSF, NIST 800 series, or financial services regulatory frameworks such as the FFIEC IT booklets, Cybersecurity Assessment Tool (CAT) and regulatory compliance

Knowledge of systems and network concepts including access and authorization

Knowledge of applicable regulatory requirements

Ability to operate in a cross-functional environment, building and fostering relationships with other departments and stakeholders

Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness