Senior Risk Officer (IT Risk)
Job #:
req31067
Organization:
World Bank
Sector:
Risk
Grade:
GG
Term Duration:
3 years 0 months
Recruitment Type:
International Recruitment
Location:
Washington, DC,United States
Required Language(s):
English
Preferred Language(s):
Closing Date:
1/30/2025 (MM/DD/YYYY) at 11:59pm UTC
Description
Do you want to build a truly worthwhile career? The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty and promoting shared prosperity. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org.
The Operational Risk Department (CROOR) is looking for an individual with 10 plus years' of practical experience in operational risk related roles, experience in leading risk related initiatives and an excellent track record in helping clients improve operational risk management. Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.
While day-to-day operational risk management lies with the business functions, the Operational Risk Department (CROOR) which operates under the Group CRO has key responsibilities which include (i) oversight of operational risks across the Bank including regular monitoring and reporting of risks, (ii) development and implementation of an operational risk methodology to support reporting of operational risks, (iii) coordination and communication with business units to ensure identification and prioritization of operational risks and events, (iv) assisting the Bank in managing key risks in collaboration with business partners, (v) maintaining a governance risk and compliance tool to facilitate data collection and reporting, (vi) acting as the secretariat for the Operational Risk Committee (ORC") which is the principal governance body under the authority of the CRO for operational risks, and (vi) evaluating operational risk issues and related issues for new products, and (vii) providing training on operational risks to champions representing the business functions.
Duties and Accountabilities
The Senior Risk Officer will focus on: (i) supporting first line of defense functions on all aspects of operational risk management; (ii) contributing to the operational risk team in the enhancement of the risk management framework and (ii) the coordination of risk management initiatives.
Specifically, the risk officer is expected to work closely with Bank units to help:
⢠Interact with the selected functions on operational risk related matters, including IT and others.
⢠Partnering and overseeing IT first line of defense functions on all aspects of operational risk management.
⢠Monitor internal and external risk profile, review risk assessment, challenge and provide feedback to ensure it adequately reflects reality, including refine and review indicators and thresholds used to report operational risks.
⢠Review and advice on IT risk management and cybersecurity measures and recommend mitigation strategies. ⢠Collaborate and challenge risk partners specifically IT and cybersecurity teams and the ThirdParty Risk Management teams.
⢠Monitor the IT related risk landscape and brief senior management on IT risk related matters.
⢠Provide second-line assurance on the implementation of IT solutions including AI, ensuring they align with the organization's risk management framework.
⢠Coordinate with relevant stakeholders to ensure effective response and recovery from data cybersecurity incidents.
⢠Monitor risks related to IT projects, and infrastructure, establish reporting and proactively challenge first line.
⢠Lead risk management initiatives that include assessing the risk and developing appropriate risk management strategies that is in line with the Bank's risk appetite
⢠Design and implement business unit strategies to enhance risk management capabilities for business units
⢠Guide business units to identify, assess, prioritize, monitor, and report enterprise and operational risks in their functional areas
⢠Facilitate the quarterly operational risk reporting process, including identifying key issues for discussion with the first line, following up on key risk issues, monitoring KRIs and events and coordinating discussions with management
⢠On board" new business units with respect to their interaction with the ORC
⢠Provide advice and guidance to business units to mitigate or reduce operational risk ⢠Perform research on various thematic areas to understand operational risk landscape that includes trends, emerging risks, good practices, regulatory changes etc.
⢠Participate in designing, testing, and implementing new and current technology solutions, including providing 2nd line assurance on the implementation of AI solutions ⢠Support the development and delivery of the team's internal communication strategy to increase stakeholder awareness
⢠Support CRO leadership on advising senior management on technical operational risk issue ⢠Write reports for management and the Board that summarize operational risk issues
Selection Criteria
⢠Master's degree or equivalent in a business or finance related discipline
⢠Minimum of 8 years practical experience in IT risk management, cyber security, IT controls, third party risk management, data privacy and data management.
⢠Experience in an operational risk related function in a complex organization in the financial services industry or in a major multilateral organization.
⢠Experience with risk frameworks, methodologies and regulations such as Basel, ISO, COSO, COBIT
⢠An excellent understanding of AI governance and risk management frameworks such as NIST, AI Verify, ISO, OWASP, MITRE
⢠Track record in implementing operational risk methodologies in a banking/financial services environment
⢠Hands-on experience on implementing, executing, and reviewing Third Party Risk Management process
⢠Hands-on experience of working with governance risk and compliance tools and implementing operational risk reporting for clients
⢠Hands-on experience on data analytics tool such as Power BI, Tableau, SQL, ACL, Power Query.
⢠Hands-on experience on the implementation and adoption of GenAI-powered use cases. ⢠Outstanding interpersonal skills to interact effectively with colleagues, various levels of client staff and management
⢠Exceptional communication skills, written and oral, including the ability to explain and express views/opinions articulately and confidently
⢠Proven quantitative and analytical skills, especially skills of independent and innovative issue analysis and problem solving
⢠Proven written and oral communication skills, with potential to effectively coordinate with other business units in the Bank. Ability to explain complex issues in a concise and straight-forward manner is a plus
⢠Ability to work well under pressure and to meet tight deadlines. Demonstrate high level of motivation, confidence, integrity, and responsibility.
World Bank Group Core Competencies
The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC , including our values and inspiring stories.
