Individuals in Operational Risk establish and manage operational risk policies, propose strategies, and governance processes designed to minimize losses from inadequate controls, fraud, and potential bankruptcy. This includes supervision over technology operational risk, cyber risk, and fraud risk. These individuals are also responsible for the development of tools and infrastructure that support fraud monitoring and prevention, using advanced analytical and statistical skills to identify policy gaps and recommend changes to current policies. This role is crucial to the company as it fortifies against potential operational risks, thereby protecting the company's financial stability and reputation, and contributing towards the overall business resilience and success. **Responsibilities** : + Lead and coordinate third-party risk management activities, including assessments, reassessments, and ongoing monitoring. This involves representing business leadership in these efforts and liaising with internal and external stakeholders (e.g., Third Party Utility). + Conduct risk assessments of third parties, considering market trends and the business's risk appetite. Develop and implement risk mitigation strategies, including exit strategies, to address identified gaps and issues. + Ensure third-party compliance with required policies and controls. Oversee contract management, ensuring proper execution and upload of contracts into the Contract Management System. + Monitor third-party performance against service level agreements. Address escalations related to non-performance and contractual issues. Facilitate remediation of identified issues. + Participate in the identification, measurement, monitoring, and reporting of operational risks. Assist in developing and implementing operational risk management protocols and promoting best practices. + Continuously evaluate and improve third-party risk management processes. Design and advocate for risk reduction strategies and process improvements that enhance efficiency. + Support the development, execution, and analysis of reports related to third-party risk management activities. + Engage with key stakeholders (operations, tech teams, etc.) for on-site visits and collaboration on risk management activities. Ensure alignment with organizational decisions and prioritize team and enterprise success. + Anticipate potential risks, escalate concerns, and implement controls to mitigate them. Proactively identify solutions that address root causes and result in meaningful improvements. + Uphold ethical conduct in all situations and ensure compliance with applicable laws and regulations. Proactively volunteer in community support programs. **Qualifications** : + 5-8 years of experience in risk management, specializing in resilience and third-party risk, with a strong understanding of related policies, procedures, governance, and risk appetite. + Proven ability to implement and manage third-party and resilience risk processes across diverse sectors and regions, including conducting comprehensive risk reviews. + Solid understanding of relevant regulations and standards, demonstrating a consistent ability to ensure compliance in various organizational contexts. + Strong analytical skills to interpret complex data, create and analyze management information systems (MIS), and present findings in clear and concise reports. + Demonstrated ability to proactively identify, assess, and mitigate potential risks, ensuring adherence to regulatory standards and minimizing operational losses. + Excellent communication, collaboration, and stakeholder management skills to effectively interact with diverse teams, providing counsel and implementing risk management strategies. + Adaptability, critical thinking, and problem-solving skills to challenge established practices and drive continuous improvement in risk management processes. **Education** : Bachelor's/University degree or equivalent experience ------------------------------------------------------ **Job Family Group:** Risk Management ------------------------------------------------------ **Job Family:** Operational Risk ------------------------------------------------------ **Time Type:** Full time ------------------------------------------------------ **Most Relevant Skills** Analytical Thinking, Constructive Debate, Controls Design, Escalation Management, Issue Management, Operational Risk, Policy and Procedure, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment. ------------------------------------------------------ **Other Relevant Skills** For complementary skills, please see above and/or contact the recruiter. ------------------------------------------------------ _Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._ _If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)_ _._ _View Citi’s_ _EEO Policy Statement (https://www.citigroup.com/global/eeo-aa-policy)_ _and the_ _Know Your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf)_ _poster._ Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.