Sr Operational Risk Analyst II (Non-Financial Risk Lead)
As a Sr Operational Risk Analyst II (Non-Financial Risk Lead), you will play a critical role in strengthening the Operational Risk and IT Risk posture. You will support 1st Line of Defense (LoD) business owners in identifying, assessing, and mitigating risks that could impact strategic objectives. This role reports to the AVP, OR&R Service Lead.
Key Responsibilities:
- Lead the execution of key Operational Risk and IT Risk programs, including second line risk reviews of critical business functions.
- Provide consultative support on Risk Control Self-Assessment (RCSA) for 1st Line and Issues Management.
- Partner with business and technology stakeholders to enhance the Operational Risk and Resilience Framework, ensuring alignment with regulatory expectations and industry best practices.
- Provide subject matter expertise on Operational Risk and IT Risk domains, including cybersecurity, third-party risk, data governance, portfolio, and program & project risk.
- Facilitate risk assessments and control evaluations across consumer markets such as Life Insurance, Annuities, and Actuarial.
- Deliver clear, actionable guidance on risk mitigation strategies and control enhancements.
- Monitor emerging risks and regulatory developments, translating insights into proactive risk management actions.
- Support the development and maintenance of risk tools and documentation, including business process flows, risk libraries, and control taxonomies.
Required Experience:
- Bachelor's degree and 8+ years of experience in Operational Risk, IT Risk, Compliance, Audit, or related control functions.
- Proven experience managing risk across multiple domains: cybersecurity, third-party/vendor risk, IT operations, business continuity, and project risk.
- Strong understanding of risk frameworks (e.g., COSO, NIST, ISO 31000) and regulatory expectations (e.g., FFIEC, NYDFS, HIPAA).
- Experience supporting 1st LoD in maintaining RCSAs, KRIs, and risk issue remediation.
- Proficiency with risk management tools such as RSA Archer, MS Visio, and Excel.
- Excellent communication skills with the ability to influence and build consensus across technical and non-technical stakeholders.
- Strong analytical, problem-solving, and strategic thinking skills.
- Experience in project delivery in a risk or control environment.
Preferred Qualifications:
- Certifications such as CISSP, CRISC, CISA, or SANS related credentials.
- Experience in the insurance or financial services industry, particularly in shared services or enterprise functions.
- Ability to translate complex risk concepts into practical, business-aligned solutions.
- Demonstrated success in cross-functional collaboration and risk culture development.
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you require an accommodation in using our website for a search or application, please contact our Employee Services Department at ...@apexsystems.com or 844-###-####.