25 Threat Analysis jobs in the Philippines

Job Summary:
br>The Risk Officer is responsible for supporting the implementation and execution of the enterprise risk management (ERM) framework across the organization. The role focuses on identifying, assessing, monitoring, and reporting risks that could impact on the company’s strategic objectives, operations, and compliance. The Risk Officer works closely with various departments to promote a risk-aware culture and ensure alignment with industry standards such as ISO 31000 and COSO ERM. < r>


Key Responsibilities:

1. Risk Identification & Assessment

Assist in conducting enterprise-wide risk assessments and workshops.

Support business units in identifying and documenting key risks, including strategic, operational, financial, and compliance-related risks.

Help develop and maintain the corporate risk register.

2. Risk Monitoring & Reporting

Track the implementation of risk mitigation plans across departments.

Prepare risk reports and dashboards for senior management and the Board Risk Oversight Committee (BROC).

Monitor Key Risk Indicators (KRIs) and provide early warning alerts for emerging risks.

3. Policy & Framework Support

Help maintain and update risk management policies, procedures, and templates.

Ensure risk activities comply with regulatory requirements and internal standards.

Support internal and external audit activities related to risk.

4. Risk Culture & Training

Assist in promoting risk awareness and a proactive risk culture across the organization.

Coordinate risk training sessions and awareness campaigns.

Support business continuity and crisis management initiatives.

5. Regulatory & Compliance Alignment

Ensure alignment with risk-related regulatory standards, including those from the DOE, ERC, and ISO guidelines.

Monitor industry best practices and recommend enhancements to the risk framework.



Qualifications & Experience:

Bachelor’s Degree in Business, Finance, Risk Management, Engineering, or related field. < r>
At least 3–5 years of experience in risk management, audit, compliance, or operations, preferably in the energy, utilities, or infrastructure sectors. < r>
Familiarity with enterprise risk management frameworks such as ISO 31000 and COSO ERM.

Strong analytical and problem-solving skills.

Effective communication and stakeholder coordination abilities.

Proficiency in MS Excel, PowerPoint, and risk management tools is a plus.

Risk certifications (e.g., CRMP, ISO 31000, ARM) are an advantage.

Risk Management Analyst
Job ID
224529
Posted
23-Jul-2025
Service line
Corporate Segment
Role type
Full-time
Areas of Interest
Legal, Risk Management
Location(s)
Makati City - National Capital Region - Philippines
**About the Role:**
The Insider Risk Management team is currently seeking a highly motivated and experienced **Insider Risk Analyst** to join our team. The team's mission is to identify, defend and mitigate risks posed by trusted personnel who have access to sensitive and proprietary CBRE resources and information.
As a member of the team, you would be expected to perform a variety of extremely sensitive and confidential security functions and would work closely with other internal business partners such as Legal, Privacy, Human Resources and Cybersecurity teams.
**Key Responsibilities**
+ Responsible for monitoring, investigation and remediation of insider risk events.
+ Perform initial monitoring activity to establish baselines on user behavior and data movement.
+ Conduct highly confidential and sensitive investigations often involving employee misconduct, fraud, intellectual property theft and policy violations.
+ Develop and mature processes, playbooks, workflows, standards and threat models.
+ Conduct risk assessments and recommend security controls to minimize potential threats.
+ Work closely with both internal and external security teams to identify and provide defensive solutions to emerging threats that may impact CBRE assets and systems.
**Required Skills & Knowledge**
+ Bachelor's degree in Cybersecurity, Computer Science or equivalent work experience.
+ 2+ years of technical experience in one or more of the following: insider risk investigations, cyber incident response, data loss prevention, digital forensics or threat analysis.
+ Understanding of tactics, techniques, and procedures associated with malicious insider risk activity.
+ Technical experience conducting digital investigations in an enterprise network environment utilizing data analytics, log analysis and/or forensic tools.
+ Experience leveraging SIEM, UEBA and DLP tools for complex technical analysis and incident reporting.
+ Basic understanding of privacy regulations and requirements associated with data loss incidents.
+ Excellent analytical and problem-solving skills.
+ Proven ability to effectively prioritize and execute tasks in a high-pressure, fast paced environment.
+ Strong verbal and written communication skills with the ability to articulate complex technical ideas in plain language to non-technical audiences.
**Preferred**
+ Prior corporate security, law enforcement, government or military experience in the technical investigation of insider risk incidents.
+ Experience with the technical policy creation, implementation and tuning of UBA, DLP and SIEM technologies.
+ Current industry recognized information security and forensic certifications such as: CISM, CISSP, GCFE, GCFA, CFCE, EnCE or related.
**Company Perks and Benefits:**
+ Government Mandated Benefits
+ Hybrid Work Setup
+ Paid Leaves (15 SL and 15 VL annually)
+ HMO with up to three free dependents
+ Life Insurance
+ Annual Performance Bonus
+ Annual Merit Increase
**Why CBRE Business Services Organization (BSO):**
+ When you join CBRE Business services Organization (BSO), you become part of a global leader in commercial real estate and investment services that help businesses and people thrive.
+ At CBRE- Business services Organization (BSO), Our ambitious is for growth plan creating the space for dynamic colleagues to build a non-linear career path.
+ CBRE Business Services Organization (BSO) fosters a culture where we share commitment to excellence and believe the best work happens in connected communities where respect for each other is foundational.
**CBRE Business Services Organization (BSO) is a part of CBRE Group, Inc. (NYSE:CBRE),** a Fortune 500 and S&P 500 company headquartered in Dallas, is the world's largest commercial real estate services and investment firm (based on 2022 revenue). The company has approximately 130,000 employees serving clients in more than 100 countries. CBRE serves a diverse range of clients with an integrated suite of services, including facilities, transaction and project management; property management; investment management; appraisal and valuation; property leasing; strategic consulting; property sales; mortgage services and development services. With broader and deeper capabilities than any other company, CBRE is the leading full-service real estate services and investment organization in the world.
CBRE, Inc. is an Equal Opportunity and Affirmative Action Employer (Women/Minorities/Persons with Disabilities/US Veterans)

Job Description

**Responsibilities**:
Conduct the annual Risk Control Self-Assessment (RCSA) program and evaluate the results to assess whether the proper risks are identified and to verify the effectiveness of the control environment
Implement new risk measurement controls and processes that are relevant to the business and enhance the operational risk management environment.
Drive and evolve the creation of common Operational Risk Taxonomy and Process Inventory that is used by Risk, Compliance, and Audit
Manage Operational Risk Event process, including understanding the root cause, any necessary remediation, and reporting, to ensure control gaps are closed.
Partner with Business to understand and continuously monitor risk profile and ongoing enhancement of Key Risk Indicators (KRIs) to ensure they are relevant to capture emerging risks and evolving business strategies, to assist management in the early identification of risk trends.
Aggregate risk data and synthe key themes to keep management aware of the risk and control environment through continuous communication, and presenting at the Risk and Controls Committee
Manage Vendor Risk Management process, including initial and annual risk due diligence for key vendors.
Assist with due diligence process
Collaborate in maintaining ownership of the ORMC (Operational Risk Management Committee) lifecycle, maintaining minutes, following up on action items, and having accountability to the EC (Executive Committee) for results and transparency
Collaborate in the management of the SOC1 & SOC2 process, interfacing with the auditors, managing the control objectives and individual controls, and working with teams to streamline walkthroughs, observations, and evidence for the audit program
Partner with each department to create and maintain policies and process maps
Assist the ORMC with Business Continuity planning and documentation, including Business Impact Analyses, planning, and execution of BCP exercises Requirements

**Qualifications**:
Bachelor's degree in finance, economics or a related discipline preferred
2-5 years of relevant experience, preferably with hedge funds and/or private equity experience
Knowledge of alternative investments a plus
Advanced skills in Microsoft Suite, specifically Excel
Strong organizational, problem solving and time management skills

**Job Description**:
**Responsibilities**:

- Conduct the annual Risk Control Self-Assessment (RCSA) program and evaluate the results to assess whether the proper risks are identified and to verify the effectiveness of the control environment
- Implement

The **Manager, Information Risk Management** is responsible for supporting the Directors within the team in the delivery of the 2nd Line of Defense risk oversight program across North America. The incumbent will serve as or has the foundation to become a Subject Matter Expert on information security, technology risk, and business continuity and disaster recovery management within the North America IRM team.
**Position Responsibilities:**
+ Support the directors on delivering the 2nd line information risk oversight and challenge program to the U.S. and Canadian Segments while enabling the Segments' L1 teams to manage their information risks efficiently and effectively. The L2 program covers key initiatives, high risk third parties, business continuity and disaster recovery, severe incidents and loss events, risk exceptions, issues and CAPs, Risk and Control Self Assessments (RCSAs), etc.
+ Promote a strong information risk culture and diversity, equity and inclusive values.
+ Stay abreast of new regulations, laws and requirements for information security, cybersecurity, information protection and privacy across jurisdictions.
+ Maintain and foster relationships with internal customers and risk partners.
**Required Qualifications:**
+ Minimum of 6 years of experience in risk and control space, specifically in the areas of Information Security, Business Resiliency, and Technology Risk
+ Expertise and prior experience in various aspects of security and information risk management (2nd line of defense preferred)
+ Strong communication skills and ability to explain highly technical concepts to non-technologists including business executives
+ Familiarity with IT and security, programming/coding and/or IT compliance
**Preferred Qualifications:**
+ Recognized professional designations in Information Security, Audit and Business Continuity (e.g. CISSP, CISA, CISM, CRISC, CSSLP, MBCP)
+ Results driven: Timely delivery with high quality
+ Strong time management and organizational skills to manage multiple tasks and changing priorities
+ Strong and effective communication
+ Ability to develop and maintain strong relationships
+ Ability to influence without authority
+ Strong team player with a collaborative approach
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

At Johnson & Johnson,?we believe health is everything. Our strength in healthcare innovation empowers us to build a?world where complex diseases are prevented, treated, and cured,?where treatments are smarter and less invasive, and?solutions are personal?Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity?Learn more at Function:**
Finance
**Job Sub** **Function:**
Risk Management
**Job Category:**
Professional
**All Job Posting Locations:**
Paranaque, National Capital Region (Manila), Philippines
**Job Description:**
Assists with the administration of Risk Management processes.
Conduct processes for compliance with SOPs and SOx compliance with appropriate supervision by manager and senior director.
Execute financial transactions with direction and oversight by manager for expenses and premiums.
Conducts collection of data from other departments and external TPAs, brokers, and insurers and prepare submissions for the placement of property and casualty insurance programs.
Day to day handling of property and casualty claims working with legal department, occupational health, and insurers both in and outside the US.
Maintain claims and other data essential to the operations of $4B captive insurance company.
Assist manager and senior director in contract reviews and M&A Due Diligence
Assists in providing data for internal or external audits or regulatory examinations.
Understands and applies Johnson & Johnson's Credo and Leadership Imperatives in day-to-day interactions with team.
This job does not require any experience. This job is overtime eligible.

As the **Information Risk Manager** , you will work closely with different lines of defense to bolster our information risk management processes. You'll focus on evolving our assurance practices, standardizing procedures, and ensuring compliance with global information risk management standards.
**Position Responsibilities:**
+ Lead the development and refinement of the framework for reporting the organization's risk posture.
+ Manage and perform scenario analyses to evaluate the impact of changes to the risk management framework.
+ Oversee the design and implementation of Power BI solutions to expand and optimize risk reporting capabilities.
+ Collaborate with cross-functional teams and stakeholders to gather requirements and ensure alignment with organizational goals.
+ Ensure the accuracy, consistency, and reliability of data across all reports and dashboards.
+ Provide strategic insights and actionable recommendations based on risk data analysis to inform decision-making.
+ Support the development and maintenance of the global Information Risk Management policies, standards, controls, and related risk assessment, oversight and assurance processes.
+ Support the standardization of information risk management activities by designing and/or researching best practices related to Information Risk Management assessment processes and tools.
+ Mentor and develop team members, fostering a culture of continuous improvement and professional growth.
+ Stay abreast of industry trends, best practices, and technological advancements in information risk management and data reporting.
+ Assist in developing the Information Risk Analysis strategy and framework.
+ Responsible for finding opportunities to improve data quality alignment across all functions/segments.
+ Proactively communicate reporting modifications and process changes to contributors based on senior management requests and personal observations.
**Required Qualifications:**
+ University Degree in Technology, Business, Risk Management, Auditing, or related field. A master's degree or relevant professional certification is a plus.
+ Minimum of 7 years of experience in Microsoft Excel and Power BI, with a track record of designing complex reports and dashboards.
+ Expertise in controls, IT risk management, data analysis, metrics design/development and reporting for risk function, preferably in the financial services industry
+ Strong analytical, problem-solving, and decision-making skills, with a keen attention to detail.
+ Excellent leadership and communication skills, with the ability to influence and engage stakeholders at all levels.
+ Familiarity with risk management principles, frameworks, and methodologies.
+ Ability to Independently undertake projects of an intricate nature and ad-hoc requests as required.
+ Proven experience in a management role within information risk management or a related field.
**Preferred Qualifications:**
+ Experience with data visualization and business intelligence tools.
+ Knowledge of database management, SQL, and data governance.
+ Strong organizational and project management skills, with the ability to manage multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
**Qualifications** **:**
+ Candidate must have a Bachelor's Degree in Mathematics/Statistics, Economics, Finance/Accounting/Banking or equivalent.
+ Fresh graduates are welcome to apply.
+ With 2 years of experience in a banking industry or related field is an advantage.
+ Knowledgeable in Windows, MS Office applications, and in VBA macro will be an advtange.
**Duties and Responsibilities:**
+ Assist in the implementation of approved risk policies and procedures to measure, monitor and control the market, liquidity and operational risk in the Bank.
+ Assist in generating daily and monthly risk reports for market, liquidity and operational risk.
+ Assist in the proper implementation and monitoring of all Basel-related regulations for market, liquidity and operational risk.
+ Ensures accuracy of market data captured from service provider, as well as its proper recording into the Bank's data systems.
+ Prepares reports required by other departments, Head Office, BSP and other external regulatory agencies.
**_We regret to inform that only shortlisted candidates will be notified._**
Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

Reporting to the Director, Strategy and Governance, the **Manager, Information Risk Management Governance** will be responsible for enhanced governance, execution oversight, planning, reporting, communication, performance management, resource management, and ensuring an overall health across activities within Information Risk Management Control Assurance Testing function (ICAT). This role also supports TRM in various activities, as well as other IRM frameworks/methodologies.
**Position Responsibilities:**
+ Support creation of high impact plans, maintains execution assurance, sets goals and targets, and reports to management on findings.
+ Offer a strong risk perspective for ICAT engagements, challenging scoping, methods, conclusions and artifacts to represent the full risk landscape of the organization.
+ Develop calendar views and roadmaps of all activities that would impact the execution of ICAT engagements, to form clear critical path milestones and enterprise/segment level governance to ensure enhanced execution.
+ Collect, produce, gather, and report metrics and status as assigned on behalf of IRM. This includes on-going KRI/KPI reporting, operational metrics, executive briefings, and reports
+ Support the Director in all strategic mandates such as running internal update meetings, standards and process improvements, change control, communication, interaction models enhancements, tools creation and sourcing, employee engagements and ensuring delivery of engagements on time, within the desired scope and quality.
+ Collaborate with other IRM teams and professionals including , 2nd line practice areas, IRM segment leads, Leadership, 1st line partners and other stakeholders.
+ Contribute and shape divisional and global IRM projects and initiatives. Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects, and services.
+ Manage day to day initiatives tasks, drive execution, enable process improvements, standardization, and automation in line with good practice and improved efficiency.
+ Advocate for a strong information risk culture.
+ Work with information risk teams globally to ensure compliance with Global Information Risk Management processes, procedures, policies, standards, templates, and guidelines.
+ Maintain and foster enduring relationships with internal customers and peers,
**Required Qualifications:**
+ Minimum 5 years of progressive leadership in the areas/combination of Risk Advisory/Consulting, Program Management, Project Management, Execution Oversight, Risk Management, Governance, Assurance and Control Testing, Information Security, Business Resiliency, and Technology Risk.
+ High proficiency level in Microsoft office tools such as power point, excel etc.
+ Proven experience in managing change and implementing multiple parallel projects
+ Strong understanding of related best practices and relevant industry framework.
+ Sound knowledge of best practices of various aspects of information risk management and prior experience as a leader in Information Risk.
**Preferred Qualifications:**
+ University degree (Computer Science, Engineering or related discipline preferred)
+ Recognized professional designations in Change Management, Project Management, Information Security, Audit and Business Continuity (e.g., CMC, PMP, CISSP, CISA, CRISC, etc.) would be an asset
+ Knowledge of Power BI and reporting dashboard would be an asset
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

**Description**
**Manager - Global Servicing (Operational Risk Management)**
**#4th in Great Place to Work's Best Company To Work For 2025**
**#10th in Fortune Magazine's 2025 World's Most Admired Companies**
**#1st in the J.D. Power 2024 U.S. Credit Card Satisfaction Study of National Credit Card Issuers**
**Top GBS Employers for the Philippines (2025) by the Everest Group**
At American Express, our culture is built on a 175-year history of innovation, shared values and leadership behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.
Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.
**How will you make an impact in this role?**
The Global Risk & Compliance Organization is an independent risk management function, led by the Chief Risk Officer, with the objective of ensuring that American Express operates in a safe, sound, and fully compliant manner with all applicable regulatory expectations. Global Risk & Compliance creates and maintains the overall risk management framework, performs independent risk management assessments, and monitors applicable risks.
Colleagues at Global Risk & Compliance are passionate about our commitment to drive the Company's goals of growth and progress by creating a culture of risk awareness and proactivity around regulatory matters.
The Operational Risk Management (ORM) team facilitates and monitors the implementation of effective operational risk management programs throughout the company, and oversees risk ownership throughout business units, products, and processes.
The objective of the ORM Governance team is to develop, oversee and strengthen the organization's ORM framework to ensure that governance structures, policies, and procedures are robust, effective, and align with regulatory requirements and best practices.
The ORM Governance Organization is looking for a manager to join a diverse team of high-performing individuals focused on the effective oversight of risk identification, assessment, and mitigation across the Business Unit, while maintaining alignment with the organization's enterprise risk management framework.
Reporting directly to the Director, Global Servicing Operational Risk, this second line of defense role plays a critical part in assessing, monitoring, and challenging the first line's risk management practices. The ideal candidate will partner closely with first-line stakeholders and enterprise risk functions to provide independent oversight and challenge, ensuring that operational risk is managed effectively and in compliance with regulatory expectations.
**Responsibilities:**
+ Assess and challenge first-line operational risk identification, assessment, and mitigation efforts (i.e., Risk & Control Self-Assessment) to ensure alignment with enterprise risk standard
+ Analyze business processes and activities to identify potential risks, control gaps, and emerging risks
+ Assist in applying the enterprise risk management framework
+ Support the first line of defense in embedding risk management practices into daily operations and decision-making
+ Track and analyze key risk indicators (KRIs), providing insights into risk trends and areas requiring attention
+ Contribute to risk reporting efforts, preparing materials for senior management, risk committees, and regulatory engagements
+ Participate in risk governance forums, working groups, and committee meetings, providing input on risk topics
**Minimum Qualifications:**
+ 3-7 years of experience in operational risk management in a financial services firm or in a call center operation, e.g. process governance, issues management, creating and/or maintaining risk & control self-assessment frameworks; including policies, guidelines, procedures and/or related functional responsibilities (Compliance, Audit, etc.)
+ Excellent communication and stakeholder management skills
+ Strong critical thinking mindset with a proactive approach to problem-solving
+ Detail-oriented and proactive, with strong prioritization skills
+ Understanding of operational and regulatory risks
+ High ethical standards and a commitment to integrity and accountability
**Preferred Qualifications:**
+ Bachelor's degree in finance, Business, Risk Management, or a related field; advanced degrees (e.g., MBA, MSc) or certifications are advantageous.
+ Knowledge of call center operations and regulatory requirements pertaining to offerings of cards, payments services, lending, and deposits.
+ Proficiency in risk management tools, data analysis, and reporting systems
+ Experience in at least one of the following:
+ Identification of operational risks throughout business processes and systems or independently reviewing identification of risk.
+ Facilitating risk assessments or independently reviewing assessments and testing program outcomes to ensure regulatory and internal standards are met.
+ Leading or independently reviewing control monitoring, including identification of control improvements.
+ Identifying areas of heightened operational risk for intervention.
ORMCM
**Qualifications**
**Additional Details:**
+ Location: BGC Corporate Center 2, 5th Avenue corner 30th Street, Bonifacio Global City, Taguig
+ Workplace Flexibility: Full time. Must be amenable to follow a hybrid work arrangement (onsite and work from home)
+ Work From Home Requirements:
+ Must have at least 25 mbps internet connection plan / speed
+ Must have a private & quiet area to work at home
+ American Express offers a fantastic and diverse working environment. High performance is rewarded with target driven incentives
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
+ Competitive base salaries
+ Bonus incentives
+ Support for financial-well-being and retirement
+ Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
+ Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
+ Generous paid parental leave policies (depending on your location)
+ Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
+ Free and confidential counseling support through our Healthy Minds program
+ Career development and training opportunities
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Employment eligibility to work with American Express in the Philippines is required as the company will not pursue visa sponsorship for these positions.
**Job:** Risk
**Primary Location:** Philippines-PHL-Taguig City
**Schedule** Full-time
**Tags** ORMCM
**Req ID:** 25013166