Operational Risk Management
Page Mechanical Group, Inc., Vienna, VA, United States
Operational Risk Management Analyst – Issue Management
Location:
Vienna, VA
Work Arrangement:
hybrid - Three days per week onsite.
Role Overview This position supports the Operational Risk Management (ORM) function with a focus on Issue Management. The successful candidate will bring expertise in risk management, risk and control self-assessments (RCSA), standards, and enterprise Governance, Risk and Compliance (GRC) tool operations. The analyst will demonstrate a clear understanding of how the ORM framework applies to business operations and effectively communicate the importance of issue management. This role involves supporting daily issue management operations, partnering with RCSA and control testing teams, and tracking issue remediation activities. The analyst will conduct research, facilitate meetings, and support the business in ensuring issues are captured and managed timely. Additionally, the analyst will perform in-depth gap analyses to determine root causes of process gaps and regulatory compliance failures.
Core Competencies Required
Understanding of and ability to articulate the three lines of defense model
Ability to articulate the distinction between risk, issue, and event
Key Responsibilities
Attend meetings with stakeholders within IT and across the organization to assess and encourage the submission of issues impacting information security
Aid in the development of action plans and ensure those plans address the root cause of identified issues
Review evidence packages to confirm successful remediation of issues; prior audit experience is a plus
Leverage various communication channels and conduct meetings to obtain required information
Demonstrate familiarity with GRC tools, especially the Logic Manager platform
Support metrics and reporting around issues and event processes
Aid business units in understanding issue management practices and procedures
Keep current with information security best practices and industry trends, and communicate and apply these practices to policy improvements and compliance actions
Perform other duties as assigned
Required Qualifications
Experience in the credit union or financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
Effective planning and organizational skills
Effective research, analytical, and problem-solving skills
Strong verbal, written, and interpersonal communication skills, including technical writing
Ability to present findings and conclusions clearly and concisely
Experience working with all levels of staff, management, stakeholders, and third parties
Ability to build effective relationships through rapport, trust, diplomacy, and tact
Strong word processing and spreadsheet software skills
Preferred Qualifications
Knowledge of NCUA, FFIEC, GLBA, and NIST standards (including the Cyber Security Framework and 800 Series)
Bachelor's degree in business, information systems, or related field, or equivalent work or military experience
We are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws.
We are committed to employing only candidates who are legally authorized to work in the United States. For compliance with the Immigration Reform and Control Act of 1986, all new employees must complete the Employment Eligibility Verification Form I-9 and provide documentation establishing identity and authorization to work. E-Verify will be used for employment verification as part of the onboarding process.
We value integrity throughout our hiring process. Candidates will be asked to provide documentation confirming employment history, education, and work authorization.
#J-18808-Ljbffr
Vienna, VA
Work Arrangement:
hybrid - Three days per week onsite.
Role Overview This position supports the Operational Risk Management (ORM) function with a focus on Issue Management. The successful candidate will bring expertise in risk management, risk and control self-assessments (RCSA), standards, and enterprise Governance, Risk and Compliance (GRC) tool operations. The analyst will demonstrate a clear understanding of how the ORM framework applies to business operations and effectively communicate the importance of issue management. This role involves supporting daily issue management operations, partnering with RCSA and control testing teams, and tracking issue remediation activities. The analyst will conduct research, facilitate meetings, and support the business in ensuring issues are captured and managed timely. Additionally, the analyst will perform in-depth gap analyses to determine root causes of process gaps and regulatory compliance failures.
Core Competencies Required
Understanding of and ability to articulate the three lines of defense model
Ability to articulate the distinction between risk, issue, and event
Key Responsibilities
Attend meetings with stakeholders within IT and across the organization to assess and encourage the submission of issues impacting information security
Aid in the development of action plans and ensure those plans address the root cause of identified issues
Review evidence packages to confirm successful remediation of issues; prior audit experience is a plus
Leverage various communication channels and conduct meetings to obtain required information
Demonstrate familiarity with GRC tools, especially the Logic Manager platform
Support metrics and reporting around issues and event processes
Aid business units in understanding issue management practices and procedures
Keep current with information security best practices and industry trends, and communicate and apply these practices to policy improvements and compliance actions
Perform other duties as assigned
Required Qualifications
Experience in the credit union or financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
Effective planning and organizational skills
Effective research, analytical, and problem-solving skills
Strong verbal, written, and interpersonal communication skills, including technical writing
Ability to present findings and conclusions clearly and concisely
Experience working with all levels of staff, management, stakeholders, and third parties
Ability to build effective relationships through rapport, trust, diplomacy, and tact
Strong word processing and spreadsheet software skills
Preferred Qualifications
Knowledge of NCUA, FFIEC, GLBA, and NIST standards (including the Cyber Security Framework and 800 Series)
Bachelor's degree in business, information systems, or related field, or equivalent work or military experience
We are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws.
We are committed to employing only candidates who are legally authorized to work in the United States. For compliance with the Immigration Reform and Control Act of 1986, all new employees must complete the Employment Eligibility Verification Form I-9 and provide documentation establishing identity and authorization to work. E-Verify will be used for employment verification as part of the onboarding process.
We value integrity throughout our hiring process. Candidates will be asked to provide documentation confirming employment history, education, and work authorization.
#J-18808-Ljbffr