At Key, employee and candidate health is a top priority. Due to the ongoing spread of COVID-19, most interviews are being conducted virtually. Our talent acquisition team is diligently working to provide you the support you need throughout our hiring process. Learn more.

KTOS Business Risk & Controls Analyst II in Various at KeyBank

Date Posted: 11/16/2020

Job Snapshot

  • Employee Type:
  • Location:
  • Date Posted:

Job Description

This is a position within the Key Technology, Operations & Services (KTOS) Business Risk & Controls organization.  This position is primarily responsible for assisting assigned line(s) of business with the identification, measurement, and management of risk; development and implementation of sustainable controls; and development or maintenance of effective risk management policies and programs, reporting, training and testing to fulfill KTOS’s strategic objectives while operating within defined risk appetite.  Additional responsibilities include providing risk, control and compliance consultation / advice, in conjunction with the second line of defense,  on current and emerging risks impacting assigned line(s) of business; promoting accountability for the awareness and management of risk; and coordinating the management and escalation of issues.  This position will also engage and consult with corporate risk management partners across risk disciplines to develop and implement consistent risk management standards and processes across KTOS process integrations, risk tolerances and metrics.

Lead and assist with executing risk activities that are required by governance organizations or KTOS including  Business Initiative Decision (BID, LOB Risk & Control Assessments, LOB Risk Profile, Operational Risk Exposures,  process integrations, risk tolerances/metrics and assessments
Lead and assist with administering Governance, Risk and Control (GRC) activities including key risk indicator development, early warning indicator identification and risk profile draft narratives
Lead and assist with overseeing (RCSA) testing, control consulting, and management reporting
Possesses knowledge of area or function scoped for risk activities such as technology, operations and security
Assists with the performance of risk assessments assets/applications, shared services, operations,  technologies, infrastructure and processes
Documents risk assessment results and create reports for various levels of management, internal and external examiners/auditors
Consults with Management and provide strategic and tactical control solutions for non-complex situations
Provides on-going monitoring and tracking of deficiencies to ensure remediation in a proper timeframe
Lead and assist in the sustainability of the risk assessment program through the maintenance of the software utilized, documented policies and procedures that align with the enterprise Governance, Risk & Compliance (GRC) and COROM framework and the organization’s policies and standards
Present at appropriate risk committee and working group meeting including the KTOS Risk Townhall and Security & Technology Risk ORC Sub-committee and Operational Risk Committee as warranted.
Engages non-KTO lines-of-business to communicate risk assessment results, communicate impact and ensure significant issues are considered for their risk profiles.
Performs other duties and responsibilities as deemed necessary by Business Risk & Controls management.
Management of and approach to assignments
Provides consulting and support for concurrent medium to large projects and tasks with minimal to moderate supervision
Manages and completes assignments without management oversight
Demonstrates good decision-making abilities on assignments
Acts as point of contact for assigned work
Interprets corporate, risk and security policies and standards
Acts as a liaison for complex projects
Creates moderately complex documents
Analysis of work related topics and issues
Assists with the analysis of risk, compliance and security topics and issues and effectively communicates with KTOS
Identifies, analyzes and resolves risk related topics and  issues with input from peers
Develops alternatives and recommends task-level solutions
Resolves moderately complex ad hoc requests
Escalates problems and decisions in a timely manner
Seeks customer input /information and uses for improvements
Assists with process development, implementation and maintenance
Anticipates and addresses risk needs/issues
Identifies continuous improvement opportunities
Conducts research related to areas such as security, technologies, risk and compliance issues, etc.
Establishing and sustaining collaborative relationships
Interacts and/or builds/sustains collaborative relationships with KTO and others, as appropriate
Manages business partner expectations and anticipates and addresses needs
Performs activities within established Service Level Agreements (SLAs)
Demonstrates good teamwork and looks for opportunities to improve teamwork
Conducts and can lead meetings at task level
Other skills
Proficient in at least one core discipline such as technology, operations, compliance, LOB function or fraud and security.


College degree or equivalent with emphasis on business, risk management, or computer/information science.
An understanding of one or more control frameworks such as Cobit, NIST, COSO, RISK-IT and FFIEC requirements, as well as, bank regulations and guidance.
A willingness to become certified in a risk or audit designation such as the CISA, CIA, CISSP, C-RISC or CISM.
Minimum 5 or more years of experience in one or more of the following:  compliance, audit, risk management, technology, information security, fraud or line of business.
Strong organization skills and ability to manage multiple high level projects and competing priorities with little supervision.
Demonstrated ability to be self-motivated, build and manage relationships, and work in a dynamic, fast paced team environment.
Proficient use of personal computers including use of Microsoft Office, various web-based software applications, databases and mainframe application.
Proven analytical and problem solving skills, decision making and ability to drive continuous improvement.
Understanding of retail and commercial banking businesses and processes, and related federal and laws, regulations and guidance.
Demonstrate team work and accountability with strong interpersonal skills and the ability to interact effectively with external and internal clients including executive managers, along with building and sustaining collaborative relationships.
Solid written and communication skills and ability to “sell” difficult/complex concepts.


KeyCorp is an Equal Opportunity and Affirmative Action Employer committed to engaging a diverse workforce and sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.


Not Ready to Apply?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.

At Key, we’re committed to diversity and inclusion in all we do. Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by email.