Research American Express before you apply
Check ratings, real-employee reviews, verified pay, and interview difficulty.
B30 – Analyst, Operational Risk Management (ORM) – Independent Monitoring & Testing
The objective of the Operational Risk Management (ORM) Independent Monitoring & Testing team is to strengthen organizational resilience through independent monitoring and testing activities, establish clear standards for reporting and risk assessments, and provide a holistic view of operational risk through aggregated reporting.
Operational Risk Management is seeking an Analyst for the Independent Monitoring & Testing team, focused on ensuring effective operational risk management is embedded into day-to-day business operations. This role requires extensive collaboration across multiple business units, functional areas, and geographies.
Responsibilities
The Analyst, Operational Risk Management (ORM), Independent Monitoring & Testing, will:
- Support the independent testing and monitoring program based on an annual risk-assessed plan and established testing methodologies
- Develop a comprehensive operational risk coverage universe that supports a risk-based annual plan
- Independently monitor operational risk trends and activities across the enterprise
- Support and execute an effective challenge process based on defined criteria and integrated into the annual plan
- Perform Test of Design (ToD) and Test of Effectiveness (ToE) activities and maintain associated control testing documentation
- Demonstrate strong knowledge of policies and guidelines related to RCSA, PRCA, Enterprise Risk Management, internal control frameworks, and risk parameters
- Possess an understanding of the Issue Management lifecycle, including issue identification, remediation, validation, and closure processes
- Manage independent Second Line of Defense (2LoD) testing activities, including integration of methodologies and test plans to address interconnected risks
- Coordinate a holistic and de-duplicated independent risk assessment process
- Proactively identify high-risk areas requiring intervention or escalation
- Support cross-functional Communities of Practice (CoPs) by sharing best practices and helping pioneer new methodologies
- Drive reporting related to operational risk topics for the Enterprise Risk Management Committee, Board of Directors, and Senior Management, while providing support and oversight for associated initiatives
- Act as a key contributor in sharing insights, themes, and best practices across the enterprise in a proactive manner
Qualifications
- CA/CS/MBA/B.Tech or Master's degree in Economics or Statistics, or a related field (preferably from a top-tier institute) with 0–3 years of relevant experience.
- Strong understanding of critical operational risk management lifecycle & issue management activities
- Excellent project management, communication, and interpersonal skills
- Experience in process governance and familiarity with policies, regulatory frameworks, and operational standards
- Strong analytical and problem-solving capabilities, including the ability to analyze data, identify trends, and evaluate risk scenarios effectively
- Experience in control testing, risk assessment, and audit functions
- Experience working within any Line of Defense (LoD) framework
- Excellent communication skills and proactiveness
Experience in one or more of the following areas is preferred:
- Prior experience in Operational Risk Management, Internal Audit, Statutory Audit, Risk Management, or First- or Second-Line Risk functions is preferred.
- Translating operational risk strategy and appetite into execution guidelines
- Monitoring and identifying breaches in Key Risk Indicator (KRI) thresholds and risk appetite metrics
- Supporting implementation of operational risk governance frameworks
- Developing and communicating operational risk procedures and standards while ensuring adherence
- Supporting operational risk examination and regulatory management processes