LOCATION:

4910 Tiedeman Road, Brooklyn Ohio
About the Job
This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices.
The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.
Essential Functions
Provide oversight and credible challenge of data governance practices across the enterprise
Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
Support Data Risk Reporting and escalation management processes
Support the Data Risk Policy and Framework adherence and maturity monitoring
Participate in regulatory intelligence gathering and emerging risk identification
Assist with exam and regulatory management, including audit coordination and response
Participate in the execution of the Data Risk Validation Framework and data issue verification activities
Conduct risk and control evaluation and testing across data-related processes
Consult with 1LOD on business initiatives, critical change programs, and technology integration
Assess risks associated with new products, services, and third-party engagements (TPM)
Support regulatory reporting validation and enterprise program integration efforts
Identify and assess business process risks (BPRI), data quality variances, and exception trends
Escalate significant risk issues and facilitate corrective actions
Foster strong relationships with business partners to promote risk transparency
Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
Maintain awareness of emerging regulatory and industry trends in data governance and operational risk
Required Qualifications
Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience
Minimum 5 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
Experience in a second line oversight function within financial services (preferred)
Advanced education or relevant certifications (preferred)
Certifications (Preferred)

Please refer the Job description for details