Business Controls Analyst II in Brooklyn, OH at Key Bank- Corporate

Date Posted: 1/21/2020

Job Snapshot

Job Description


This is a position within the Key Technology & Operations (KTO) Business Risk & Controls organization. This position is primarily responsible for assisting assigned line(s) of business with the identification, measurement, and management of risk; development and implementation of sustainable controls; and development or maintenance of effective risk management policies and programs, reporting, training and testing to fulfill KTO’s strategic objectives while operating within defined risk appetite. Additional responsibilities include providing risk, control and compliance consultation / advice, in conjunction with the second line of defense, on current and emerging risks impacting assigned line(s) of business; promoting accountability for the awareness and management of risk; and coordinating the management and escalation of issues. This position will also engage and consult with corporate risk management partners across risk disciplines to develop and implement consistent risk management standards and processes across KTO process integrations, risk tolerances including IT-ARCA (IT application risk and control assessment).

  • Lead and assist with executing risk activities that are required by governance organizations or KTO including Business Initiative Decision (BID, LOB Risk & Control Assessments, LOB Risk Profile, Operational Risk Exposures, process integrations, risk tolerances/metrics and IT-ARCA (IT asset risk and control assessment)
  • Lead and assist with administering Governance, Risk and Control (GRC) activities including key risk indicator development, early warning indicator identification and risk profile draft narratives
  • Lead and assist with overseeing IT-ARCA and Risk & Control Self-Assessment (RCSA) testing, control consulting, and management reporting
  • Possesses knowledge of area or function scoped for risk activities such as technology, operations and security
  • Assists with the performance of risk assessments of assets/applications, shared services, operations, technologies, infrastructure and processes
  • Documents risk assessment results and create reports for various levels of management, internal and external examiners/auditors
  • Consults with Management and provide strategic and tactical control solutions for non-complex situations
  • Provides on-going monitoring and tracking of deficiencies to ensure remediation in a proper timeframe
  • Lead and assist in the sustainability of the risk assessment program through the maintenance of the software utilized, documented policies and procedures that align with the enterprise Governance, Risk & Compliance (GRC), IT-ARCA, and COROM framework and the organization’s policies and standards
  • Present at appropriate risk committee and working group meeting including the Information & Technology Risk Townhall and Security & Technology Risk ORC Sub-committee and Operational Risk Committee as warranted.
  • Engages non-KTO lines-of-business to communicate IT risk assessment results, communicate impact and ensure significant issues are considered for their risk profiles.
  • Performs other duties and responsibilities as deemed necessary by Business Risk & Controls management.

Management of and approach to assignments
  • Provides consulting and support for concurrent medium to large projects and tasks with minimal to moderate supervision
  • Manages and completes assignments without management oversight
  • Demonstrates good decision-making abilities on assignments
  • Acts as point of contact for assigned work
  • Interprets corporate, risk and security policies and standards
  • Acts as a liaison for complex projects
  • Creates moderately complex documents

Analysis of work related topics and issues
  • Assists with the analysis of risk, compliance and security topics and issues and effectively communicates with KTO
  • Identifies, analyzes and resolves risk related topics and issues with input from peers
  • Develops alternatives and recommends task-level solutions
  • Resolves moderately complex ad hoc requests
  • Escalates problems and decisions in a timely manner
  • Seeks customer input /information and uses for improvements
  • Assists with process development, implementation and maintenance
  • Anticipates and addresses risk needs/issues
  • Identifies continuous improvement opportunities
  • Conducts research related to areas such as security, technologies, risk and compliance issues, etc.

Establishing and sustaining collaborative relationships
  • Interacts and/or builds/sustains collaborative relationships with KTO and others, as appropriate
  • Manages business partner expectations and anticipates and addresses needs
  • Performs activities within established Service Level Agreements (SLAs)
  • Demonstrates good teamwork and looks for opportunities to improve teamwork
  • Conducts and can lead meetings at task level

Other skills
  • Proficient in at least one core discipline such as technology, operations, compliance, LOB function or security.
  • College degree or equivalent with emphasis on business, risk management, or computer/information science,
  • An understanding of one or more control frameworks such as Cobit, NIST, COSO, RISK-IT and FFIEC requirements, as well as, bank regulations and guidance.
  • A willingness to become certified in a risk or audit designation such as the CISA, CIA, CISSP, C-RISC or CISM.
  • Minimum 5 or more years of experience in one or more of the following: compliance, audit, risk management, technology, information security or line of business.
  • Strong organization skills and ability to manage multiple high level projects and competing priorities with little supervision.
  • Demonstrated ability to be self-motivated, build and manage relationships, and work in a dynamic, fast paced team environment.
  • Proficient use of personal computers including use of Microsoft Office, various web-based software applications, databases and mainframe application.
  • Proven analytical and problem solving skills, decision making and ability to drive continuous improvement.
  • Understanding of retail and commercial banking businesses and processes, and related federal and laws, regulations and guidance.
  • Demonstrate team work and accountability with strong interpersonal skills and the ability to interact effectively with external and internal clients including executive managers, along with building and sustaining collaborative relationships.
  • Solid written and communication skills and ability to “sell” difficult/complex concepts.


KeyCorp is an Equal Opportunity and Affirmative Action Employer committed to engaging a diverse workforce and sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.


Not Ready to Apply?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.

At Key, we’re committed to diversity and inclusion in all we do. Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by email.