DescriptionYou Lead the Way. We’ve Got Your Back.With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.Join Team Amex and let's lead the way together.How we serve our customers is constantly evolving and is a challenge we gladly accept. Whether you’re finding new ways to prevent identity fraud or enabling customers to start a new business, you can work with one of the most valuable data sets in the world to identify insights and actions that can have a meaningful impact on our customers and our business. And, with opportunities to learn from leaders who have defined the course of our industry, you can grow your career and define your own path. Find your place in risk and analytics on #TeamAmex.The Global Risk & Compliance Organization (GRC) is an independent risk management function, led by the Chief Risk Officer, with the objective of ensuring that American Express operates in a safe, sound, and fully compliant manner with all applicable regulatory expectations. GRC creates and maintains the overall risk management framework, performs independent risk management assessments, and monitors applicable risks.Colleagues at GRC are passionate about our commitment to drive the Company’s goals of growth and progress by creating a culture of risk awareness and proactivity around regulatory matters.The Operational Risk Management (ORM) team facilitates and monitors the implementation of effective operational risk management programs throughout the company, and oversees risk ownership throughout business units, products, and processes.The objective of the ORM Governance team is to develop, oversee and strengthen the organization’s ORM framework to ensure that governance structures, policies, and procedures are robust, effective, and align with regulatory requirements and best practices.ORM Governance is looking for a Director who will be responsible for establishing and enhancing the Operational Risk Management (ORM) framework across the organization. This role will lead the development of risk taxonomies, risk appetite statements, and the implementation of robust oversight mechanisms through risk committees and escalation protocols. The Director will focus on proactive risk identification, strengthening Risk and Control Self-Assessments (RCSAs), and driving thematic analysis and root cause identification to mitigate systemic operational risks. The ideal candidate will possess strong analytical skills to manage key risk indicators (KRIs) and operational risk reporting across business units.Responsibilities:
Establish and enhance the ORM framework, ensuring alignment with industry best practices and regulatory requirements, including setting clear operational risk taxonomies and risk appetite across the enterprise.
Lead the development of risk taxonomies and risk appetite statements, ensuring consistency across business units and alignment.
Oversee the governance of risk committees, including facilitating discussions, ensuring effective escalation protocols, and providing actionable insights on operational risk issues to senior leadership.
Drive proactive risk identification and mitigation through thematic analysis and collaboration with business units, ensuring early detection of emerging risks and systemic issues.
Develop and strengthen RCSA processes across all business units, ensuring that risk assessments are conducted consistently, are forward-looking, and focus on the effectiveness of internal controls.
Lead root cause analysis efforts, developing a systematic process to identify, analyze, and address the underlying causes of operational risk events to prevent recurrence.
Establish and track Key Risk Indicators (KRIs) and other performance metrics to monitor operational risk exposure across the organization, ensuring effective risk reporting and decision-making.
Provide oversight for escalation protocols related to operational risk incidents, ensuring timely identification and resolution of issues, and recommending remediation strategies as necessary.
Collaborate with risk, compliance, and internal audit teams to ensure consistent operational risk reporting and provide data-driven insights to risk committees and senior management.
Use advanced data analytics and risk reporting tools to track, monitor, and present key operational risk trends, ensuring the organization remains agile and responsive to emerging risks.
Requirements:
7-10 years of experience in operational risk management, with demonstrated expertise in establishing and managing ORM frameworks in a global organization.
Experience in developing risk taxonomies, risk appetite frameworks, and conducting thematic analysis to identify and mitigate operational risk exposures.
Proven ability to lead Risk and Control Self-Assessments (RCSA), ensuring robust processes and effective control environments across various business units.
Strong background in root cause analysis, with experience developing processes to address systemic issues and prevent operational risk events from recurring.
Familiarity with governance structures, including managing risk committees, risk escalation protocols, and presenting insights to senior leadership.
Strong analytical skills with the ability to use data-driven insights, key risk indicators (KRIs), and other metrics to drive operational risk decision-making and oversight.
Demonstrated experience in proactive risk identification, thematic analysis, and mitigation strategies that reduce operational risk impact across the organization.
Experience working with senior management and business unit leaders to ensure consistent application of the ORM framework and alignment with risk appetite.
Excellent communication and leadership skills, with the ability to collaborate across functions and present operational risk findings and recommendations clearly.
Bachelor’s degree in Risk Management, Finance, Business, or related field required
ORMCMQualificationsSalary Range: $130,000.00 to $205,000.00 annually bonus equity (if applicable) benefitsThe above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
Competitive base salaries
Bonus incentives
6% Company Match on retirement savings plan
Free financial coaching and financial well-being support
Comprehensive medical, dental, vision, life insurance, and disability benefits
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
20 weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
Career development and training opportunities
For a full list of Team Amex benefits, visit our Colleague Benefits Site .American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.US Job Seekers/Employees - Click here to view the “Know Your Rights” poster and the Pay Transparency Policy Statement.If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.Job: RiskPrimary Location: US-Arizona-PhoenixOther Locations: US-Utah-Sandy, US-Florida-SunriseSchedule Full-timeTags ORMCMReq ID: 24020688