Operational Risk Management Senior Analyst

Connecting clients to markets – and talent to opportunity. With 5,400+ employees and over 80,000 institutional, commercial, and payments clients, we operate from more than 80 offices spread across six continents. As a Fortune 100, Nasdaq‑listed provider, we connect clients to the global markets – focusing on innovation, human connection, and providing world‑class products and services to all types of investors.

The Operational Risk Senior Analyst supports the company’s Operational Risk Management (ORM) framework by executing core risk oversight activities across business lines and support functions. This role focuses on foundational ORM processes, including Risk and Control Self‑Assessments (RCSAs), control design and operating effectiveness assessments, operational incident management, and Second Line of Defense (2LOD) control testing.

Responsibilities

• Support the execution of periodic RCSAs across assigned business lines and functions, including risk identification, control mapping, and residual risk assessment.
• Review and challenge risk statements, inherent risk ratings, control descriptions, and control effectiveness assessments for completeness and consistency.
• Assist with documentation, quality assurance, and consolidation of RCSA results for reporting and governance forums.
• Perform 2LOD control testing for in‑scope key controls, including design effectiveness and operating effectiveness testing, in line with established ORM procedures.
• Execute control testing using appropriate methods (e.g., inquiry, inspection, observation, reperformance) and defined sample sizes.
• Identify control gaps/weaknesses, support issue validation, and elevate material concerns through appropriate governance channels.
• Maintain high‑quality testing artifacts and evidence in the firm’s GRC tooling (e.g., Workiva or equivalent), aligned to ORM standards.
• Document testing results, identify control gaps or weaknesses, and support issue validation and escalation.
• Support the operational incident and loss event process, including event intake, classification, root cause analysis, and impact assessment.
• Monitor incident remediation actions and follow up with control owners to ensure timely closure.
• Prepare inputs for operational risk reporting, dashboards, and governance materials.
• Partner with 1LOD stakeholders to provide guidance on ORM expectations, control standards, and documentation practices.
• Support audits, regulatory exams, and internal reviews by providing ORM documentation and analysis as required.
• Contribute to continuous improvement of ORM processes, templates, and standards (e.g., RCSA methodology, control testing procedures, issue tracking).
• Support training/communications that strengthens risk culture and consistent ORM adoption.

Qualifications

• Solid understanding of operational risk concepts, risk and control frameworks, and the Three Lines of Defense model.
• Experience assessing control design and operating effectiveness.
• Familiarity with GRC tools, risk systems, or structured risk documentation processes is a plus.
• Strong attention to detail and documentation discipline.
• Clear written and verbal communication skills, with the ability to challenge constructively.
• Ability to manage multiple workstreams and meet deadlines.
• Collaborative mindset with the confidence to engage with senior stakeholders.
• 5+ years in operational risk, enterprise risk, compliance, internal audit, or a related control function within a regulated financial services environment.

Education / Certification Requirements:

• Bachelor’s degree in Risk Management, Finance, Accounting, Business, Economics, or a related discipline.

Working environment: Hybrid