Operational Risk Management Jobs in California (NOW HIRING)

GENERAL SUMMARY

The Operational Risk Business Partner (ORBP) is part of our Second Line of Defense (2LOD) Operational Risk Management (ORM) function. ORBP will serve as a pivotal partner to front-line risk managers and business units in designing, executing, and maturing the bank’s Risk and Control Self-Assessment (RCSA) program. ORBP will provide expert challenge, guidance, and subject-matter expertise to ensure robust risk identification, assessment, monitoring, and reporting. ORBP will collaborate with second-line SMEs to translate risk insights into actionable improvements, contribute to the development of key risk indicators (KRIs), and drive risk culture and training across divisions. This is an individual contributor role focused on delivering results through advice, governance, and expert guidance rather than direct team management.

ESSENTIAL FUNCTIONS

• Lead and coordinate the annual end to end and ongoing RCSA process with front-line risk managers across business units. 
• Provide independent oversight of operational risk management activities performed by the First Line of Defense.
• Provide strong, constructive challenge to ensure comprehensive risk and control identification, assessment, and documentation. Validate risk ratings, control effectiveness, residual risk levels, and action plans; ensure consistency with policy standards and escalation thresholds.  Review and approve risk and control narratives, risk taxonomy alignment, and control owner accountability.
• Act as a trusted advisor to business unit risk champions and process owners, offering expert guidance on risk controls, control design, and risk acceptance criteria.  Facilitate risk workshops, interviews, and scenario analysis to surface emerging risks and ensure timely remediation.  Facilitate constructive dialogue between 1LOD and risk governance functions.
• Lead the development, validation, and enhancement of the bank’s Key Risk Indicators (KRIs) in partnership with owners and SMEs.  Monitor KRI performance, perform trend analysis, and recommend risk-reduction actions or escalation when indicators breach thresholds.  Integrate KRI results into governance forums and reporting to senior management and risk committees.
• Design and deliver risk training programs, workshops, and communications to enhance risk awareness and control practices across divisions. Develop practical guidance, playbooks, and toolkits to standardize risk assessment methodologies and control testing approaches.
• Collaborate with second-line SMEs (e.g., IT, cyber, information security, business continuity, model risk, compliance) to incorporate their assessments into the RCSA and KRIs. Translate SME findings into actionable risk actions, monitoring plans, and escalation paths. 
• Support the development and maintenance of risk libraries, control dictionaries, and standard risk assessment criteria.
• Prepare and present risk and control status, themes, and remediation progress to risk committees, governance forums, and senior leadership.
• Maintain issue and remediation tracking, ensuring timely closure and evidence of control improvements by conducting validation of all remediation plans by 1LOD.
• Contribute to policy interpretation, standards, and procedures related to operational risk and RCSA practices.
• Maintain high-quality RCSA documentation, control catalogs, and risk registers in the risk management systems.
• Support New Product and services launch risk assessments. 
• Perform data-driven analyses to identify patterns, gaps, and opportunities for risk reduction.
• Identify opportunities to enhance RCSA efficiency, consistency, and effectiveness through process improvements, automation, and technology solutions.
• Participate in GRC system enhancement projects and user acceptance testing for risks systems.
• Promote a strong risk culture by driving accountability, constructive challenge, and timely escalation of issues.
• Stay current on regulatory expectations, industry.

QUALIFICATIONS

Education:

• Bachelor’s degree in Finance, Risk Management, Business Administration, or related discipline (Master’s preferred)  

Experience:

• Minimum 5-7 years of experience in operational risk, RCSA, incident and issue management, internal controls, or audit within financial services or a similarly regulated industry. 
• Demonstrated ability to challenge front-line risk managers and influence risk-based decision making without direct line authority.
• Prior experience as a second-line risk professional or risk partner with cross-functional collaboration across IT, cyber, information security, business continuity, compliance, and operations.
• Deep understanding of first line processes and risk/control activities. 

Skills/Ability:

• Understanding of operational risk management principles, frameworks, and methodologies within the financial services industry. This includes knowledge of regulatory requirements (such as Basel III) and industry’s best practices.
• Knowledge of operational risk frameworks (e.g., Basel, ORMF), internal control standards, and incident management tools.
• Strong analytical and problem-solving skills; ability to interpret data and identify trends.
• Strong analytical thinking and attention to detail.
• Excellent communication and stakeholder management abilities.
• Ability to synthetize complex information into clear, actionable insights.
• Attention to detail and a proactive mindset, ability to work under tight deadlines.
• Collaborative mindset with a proactive attitude towards problem-solving. 

OTHER DETAILS

$110K – $133K / year 
Pay determined based on job-related knowledge, skills, experience, and location.
This position may be eligible for a discretionary bonus.