Sr. Operational Risk Officer – Data Governance Oversight

About the position This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Sr. Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with senior leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices. The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.

Responsibilities

• Provide oversight and credible challenge of data governance practices across the enterprise
• Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
• Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
• Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
• Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
• Support Data Risk Reporting and escalation management processes
• Support the Data Risk Policy and Framework adherence and maturity monitoring
• Participate in regulatory intelligence gathering and emerging risk identification
• Assist with exam and regulatory management, including audit coordination and response
• Participate in the execution of the Data Risk Validation Framework and data issue verification activities
• Conduct risk and control evaluation and testing across data-related processes
• Consult with 1LOD on business initiatives, critical change programs, and technology integration
• Assess risks associated with new products, services, and third-party engagements (TPM)
• Support regulatory reporting validation and enterprise program integration efforts
• Identify and assess business process risks (BPRI), data quality variances, and exception trends
• Escalate significant risk issues and facilitate corrective actions
• Foster strong relationships with business partners and senior management to promote risk transparency
• Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
• Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
• Maintain awareness of emerging regulatory and industry trends in data governance and operational risk

Requirements

• Bachelor’s degree in I nformation T echnology , Business, Finance, or related field, or equivalent experience
• Minimum 8 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
• Experience in a second line oversight function within financial services (preferred)
• Strong understanding of data governance frameworks (e.g., DCAM, DMBOK, CDMC)
• Demonstrated ability to assess and challenge data-related risks and controls
• Excellent analytical, communication, and stakeholder engagement skills
• Strategic thinking with an execution-oriented mindset
• Ability to manage multiple priorities in a fast-paced environment
• Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI)
• Familiarity with Agile methodologies and project management tools
• Strong leadership and influencing skills
• Intellectual curiosity and commitment to continuous improvement

Nice-to-haves

• Advanced degree (MBA or similar) or relevant certifications (preferred)
• Certifications (Preferred) ISACA: CISA, CRISC, CGEIT, CISM Data Governance: DCAM, CDMC, CDMP ISC2: CISSP, CCSP Cloud Security Alliance: CCAK

Benefits

• This position is eligible to earn a base salary in the range of $94,000.00 - $175,000.00 annually.
• Compensation for this role also includes eligibility for incentive compensation subject to individual and company performance.
• Please click here for a list of benefits for which this position is eligible.

Apply tot his job Apply To this Job