CIBC Cayman Bank Limited is seeking an Associate, Operational Risk to play a critical Second Line of Defense role within the Three Lines of Defense model. This position provides independent oversight, constructive challenge and expert guidance to business and functional teams across banking..
Key Accountabilities
Operational Risk Management
Review, challenge and advise first line functions on operational risk and control inputs/outputs across a broad range of specialized areas, including (but not limited to) Trading, Operations, Finance, Technology/Cyber, Corporate Services, AML/ATF, Market Risk, Credit Risk and Policy Governance.
Provide ongoing oversight of operational risk exposure by leading and supporting management’s application of operational risk frameworks and tools and advising leaders on their effective use.
Maintain and administer operational risk governance records and program execution within the eGRC environment; serve as a local gatekeeper for operational risk programs.
Operational Risk Governance Tools and Programs You will be accountable for local execution, continuous improvement and fit-for-purpose adaptation of enterprise program. Key Components include:
Quarterly Self-Assessment - Own end-to-end QSA planning and delivery.
Control Testing -Serve as the subject matter expert, design testing plans, coordinate activities, manage system and records.
Risk & Control Self-Assessment - Lead complex, integrated end-to-end assessments. Act as the local expert on the Operational Risk Taxonomy (17 risk event categories). Drive timely completion, help identify risk and control gaps and advise on remediation.
Deficiency Management - Encourage and support self-identification of deficiencies. Classify deficiencies, challenge action plans, track remediation to completion and approve closure.
Change Initiative Risk Assessment - Lead project risk assessments, support consensus building and challenge stakeholders to identify operational risks aligned to the 17 risk categories.
Operational Loss Program Development - Build a local operational loss program that dovetails with parent bank requirements and addresses gaps versus regulatory expectations.
Incident Management Program Development - Develop a consolidated local incident management approach aligned with parent bank programs, bridging local and enterprise materiality thresholds.
Operational Risk Recovery Plan Development - Develop an integrated Operational Risk-focused Recovery Plan for CayBank under CRO guidance.
Policy Governance On behalf of the CRO, draft, maintain, implement and train to key local policies. Accountabilities include:
Monitoring regulatory and parent bank policy developments and translating requirements into local updates.
Managing stakeholders to ensure enterprise alignment while representing local needs.
Designing and executing policy requirements compliance monitoring plans.
Developing and maintaining supporting procedures and delivering training.
Regulatory Oversight and Reporting
Serve as a subject matter expert for operational risk regulatory requirements, including identifying developments, implementing controls/processes and monitoring adherence.
Complete required activities under the Regulatory Compliance Management policy.
Support timely and complete regulatory filings.
Support the CRO’s quarterly Board reporting and opinions, including summaries of key operational risk developments, control testing outcomes and risk assessments.
Act as a key point of contact for external examinations (e.g. CIMA and internal audit).
Additional Contributions
Develop and deliver training to staff and Directors on operational risk governance topics.
Complete administrative and coordination tasks related to meetings, materials preparation and file maintenance/archiving.
What You Bring
Recognized post-secondary degree, preferably in Business, Risk Management or a related discipline.
Minimum 3 years’ experience in compliance, operational risk management, audit, legal or other governance functions within finance services.
Deep expertise in Operational Risk Management, including risk identification, assessment methodologies, control testing concepts and operational risk governance programs.
Strong understanding of laws, regulations, and governance frameworks relevant to operational risk, including the ability to interpret requirements and translate them into practical policy/process changes.
Demonstrated ability to develop, implement, monitor, and improve policies, standards and operational risk programs in complex environments.
Advanced analytical and critical thinking capability; ability to evaluate impacts, prioritize competing risks and identify solutions to novel or high-stakes issues.
Strong stakeholder management and influencing skills, including the confidence to provide constructive challenge to senior leaders and build alignment across diverse groups.
Excellent written and verbal communication skills, including the ability to communicate regulatory expectations clearly and support executive-level and Board-ready materials.
Experience working in (or closely with) banking and/or reinsurance environments is highly valuable, along with comfort working across multiple functions.
Proficiency with risk governance tooling and disciplined documentation practices.
This role offers the opportunity to shape and mature operational risk governance in a complex, regulated environment, while partnering with committed leaders locally and across the broader enterprise. If you thrive in roles that require judgement, influence and the ability to balance local needs with enterprise alignment, we’d like to hear from you. Please submit your resume and a brief cover letter outlining your operational risk experience.
