Director, Business Operations (Risk Management)
Medium, Los Angeles, CA, United States
Responsibilities
Third-Party Risk Management
Take full ownership of the firm's Third-Party Risk Management (TPRM) program, leading both strategy and hands‑on execution. Oversee vendor supervision using a risk-based approach, ensuring seamless management throughout the vendor lifecycle—including due diligence, onboarding, ongoing monitoring, remediation, and off‑boarding.
Ensure all vendor risk activities comply with internal policies, regulatory requirements (SEC, FINRA), and investor standards.
Regularly update and maintain TPRM policies, standards and procedures, delivering clear documentation and continuous improvements.
Incident Management
Lead the execution and ongoing enhancement of the firm’s Incident Response Plan. Collaborate closely with legal, compliance, technology and additional internal stakeholders to maintain and update protocols.
Serve as the primary point of contact for all incident types, coordinating rapid triage, containment, and resolution across teams. Guide the Incident Response Team, including after‑hours support, as needed.
Track, report, and document incidents; conduct thorough reviews and remediation planning post‑incident. Perform analytics and root‑cause analysis to proactively reduce future risk and continually evolve the program to meet emerging threats and business needs.
Business Continuity Planning (BCP)
Own and drive the Business Continuity Planning program, from policy development and governance to hands‑on execution of annual tests and disaster response. Lead BCP committees and engage stakeholders to ensure the program evolves with changing business and regulatory requirements.
Conduct regular business impact assessments to define suitable recovery goals. Integrate high‑risk service providers into BCP testing, maintain comprehensive documentation of outcomes, and deliver remediation where needed.
Execute BCP plans during disasters, providing after‑hours leadership to restore operations promptly and in accordance with established recovery strategies.
Operational Excellence & Reporting
Continuously review and refine workflows to optimize efficiency. Identify and implement improvement opportunities across operational risk controls.
Deliver high‑quality, insightful reporting—including dashboards, KPI tracking, incident summaries, and vendor risk metrics—to senior leadership and committees.
Maintain client‑ready documentation of operational risk controls; collaborate with the RFP team to address due diligence questionnaires and inquiries. Support internal/external audits, regulatory exams, and investor due diligence processes.
Partner with Compliance to ensure SEC and FINRA regulatory adherence, actively supporting employee training and awareness initiatives.
Manage one direct report and oversee vendor resources. Responsible for hiring, coaching and performance management.
Support divisional and departmental business operational reporting, including Quarterly Business Review (QBRs).
Support the Head of Transformation on high‑priority, firm‑wide initiatives and special projects.
Educational / Experience Requirements
Bachelor’s degree required (Business, Economics, Information Systems, Risk Management, or related field preferred).
12+ years
of business operations, internal controls, risk management, or compliance experience.
Experience in real estate, asset management, financial services, or similar industries required.
Experience as a people manager required.
Advanced proficiency in
Excel
(index/match, pivot tables, advanced formulas, analytics).
Familiarity with risk frameworks (e.g., SOC 2, NIST, ITGC, SOX) is preferred.
Experience with Prevalent or similar platforms.
Familiarity with FINRA and SEC compliance frameworks; FINRA S99 is a plus.
About You
Bachelor’s degree required (Business, Economics, Information Systems, Risk Management, or related field preferred).
12+ years
of business operations, internal controls, risk management, or compliance experience.
Experience in real estate, asset management, financial services, or similar industries required.
Experience as a people manager required.
Advanced proficiency in
Excel
(index/match, pivot tables, advanced formulas, analytics).
Familiarity with risk frameworks (e.g., SOC 2, NIST, ITGC, SOX) is preferred.
Experience with Prevalent or similar platforms.
Familiarity with FINRA and SEC compliance frameworks; FINRA S99 is a plus.
What CIM Offers
A variety of Medical, dental, and vision benefit plans
Health Savings Account with a generous employer contribution
Company‑paid life and disability insurance
401(k) savings plan, with company match
Comprehensive paid time off, including vacation days, 10 designated holidays, sick time, and bereavement leave
Up to 16 hours of volunteer time off
Up to 16 weeks of Paid Parental Leave
Ongoing professional development programs
Wellness program, including monthly and quarterly prizes
And more!
EEO Statement At CIM Group, we believe that the unique perspectives and backgrounds of our employees enhance everything we do. We are committed to fostering an inclusive environment where diversity is not only respected but celebrated. We strive to ensure that our workplace is free from discrimination and harassment, allowing everyone to contribute meaningfully and feel a sense of belonging. As an equal opportunity employer, we strictly prohibit any form of unlawful discrimination and adhere to the laws enforced by the EEOC. Our goal is to provide a safe and supportive environment where all employees can grow and make impactful contributions together.
*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on CIM Group.
Please inform our Talent team if you need any assistance completing any forms or otherwise participating in the application process.
CIM is committed to maintaining the confidentiality and privacy of your personal and financial information.
#J-18808-Ljbffr
Take full ownership of the firm's Third-Party Risk Management (TPRM) program, leading both strategy and hands‑on execution. Oversee vendor supervision using a risk-based approach, ensuring seamless management throughout the vendor lifecycle—including due diligence, onboarding, ongoing monitoring, remediation, and off‑boarding.
Ensure all vendor risk activities comply with internal policies, regulatory requirements (SEC, FINRA), and investor standards.
Regularly update and maintain TPRM policies, standards and procedures, delivering clear documentation and continuous improvements.
Incident Management
Lead the execution and ongoing enhancement of the firm’s Incident Response Plan. Collaborate closely with legal, compliance, technology and additional internal stakeholders to maintain and update protocols.
Serve as the primary point of contact for all incident types, coordinating rapid triage, containment, and resolution across teams. Guide the Incident Response Team, including after‑hours support, as needed.
Track, report, and document incidents; conduct thorough reviews and remediation planning post‑incident. Perform analytics and root‑cause analysis to proactively reduce future risk and continually evolve the program to meet emerging threats and business needs.
Business Continuity Planning (BCP)
Own and drive the Business Continuity Planning program, from policy development and governance to hands‑on execution of annual tests and disaster response. Lead BCP committees and engage stakeholders to ensure the program evolves with changing business and regulatory requirements.
Conduct regular business impact assessments to define suitable recovery goals. Integrate high‑risk service providers into BCP testing, maintain comprehensive documentation of outcomes, and deliver remediation where needed.
Execute BCP plans during disasters, providing after‑hours leadership to restore operations promptly and in accordance with established recovery strategies.
Operational Excellence & Reporting
Continuously review and refine workflows to optimize efficiency. Identify and implement improvement opportunities across operational risk controls.
Deliver high‑quality, insightful reporting—including dashboards, KPI tracking, incident summaries, and vendor risk metrics—to senior leadership and committees.
Maintain client‑ready documentation of operational risk controls; collaborate with the RFP team to address due diligence questionnaires and inquiries. Support internal/external audits, regulatory exams, and investor due diligence processes.
Partner with Compliance to ensure SEC and FINRA regulatory adherence, actively supporting employee training and awareness initiatives.
Manage one direct report and oversee vendor resources. Responsible for hiring, coaching and performance management.
Support divisional and departmental business operational reporting, including Quarterly Business Review (QBRs).
Support the Head of Transformation on high‑priority, firm‑wide initiatives and special projects.
Educational / Experience Requirements
Bachelor’s degree required (Business, Economics, Information Systems, Risk Management, or related field preferred).
12+ years
of business operations, internal controls, risk management, or compliance experience.
Experience in real estate, asset management, financial services, or similar industries required.
Experience as a people manager required.
Advanced proficiency in
Excel
(index/match, pivot tables, advanced formulas, analytics).
Familiarity with risk frameworks (e.g., SOC 2, NIST, ITGC, SOX) is preferred.
Experience with Prevalent or similar platforms.
Familiarity with FINRA and SEC compliance frameworks; FINRA S99 is a plus.
About You
Bachelor’s degree required (Business, Economics, Information Systems, Risk Management, or related field preferred).
12+ years
of business operations, internal controls, risk management, or compliance experience.
Experience in real estate, asset management, financial services, or similar industries required.
Experience as a people manager required.
Advanced proficiency in
Excel
(index/match, pivot tables, advanced formulas, analytics).
Familiarity with risk frameworks (e.g., SOC 2, NIST, ITGC, SOX) is preferred.
Experience with Prevalent or similar platforms.
Familiarity with FINRA and SEC compliance frameworks; FINRA S99 is a plus.
What CIM Offers
A variety of Medical, dental, and vision benefit plans
Health Savings Account with a generous employer contribution
Company‑paid life and disability insurance
401(k) savings plan, with company match
Comprehensive paid time off, including vacation days, 10 designated holidays, sick time, and bereavement leave
Up to 16 hours of volunteer time off
Up to 16 weeks of Paid Parental Leave
Ongoing professional development programs
Wellness program, including monthly and quarterly prizes
And more!
EEO Statement At CIM Group, we believe that the unique perspectives and backgrounds of our employees enhance everything we do. We are committed to fostering an inclusive environment where diversity is not only respected but celebrated. We strive to ensure that our workplace is free from discrimination and harassment, allowing everyone to contribute meaningfully and feel a sense of belonging. As an equal opportunity employer, we strictly prohibit any form of unlawful discrimination and adhere to the laws enforced by the EEOC. Our goal is to provide a safe and supportive environment where all employees can grow and make impactful contributions together.
*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on CIM Group.
Please inform our Talent team if you need any assistance completing any forms or otherwise participating in the application process.
CIM is committed to maintaining the confidentiality and privacy of your personal and financial information.
#J-18808-Ljbffr