Business Risk and Controls Advisor supporting Technology Risk Governance Team at USAA. Advising on control environment, performing risk assessments, and ensuring compliance with regulatory requirements.
About the role
- Serve as PMO’s subject matter expert for risk, leading day-to-day practices at Pearson. Collaborate with teams to design and improve risk management policies and frameworks.
Responsibilities
- Serve as the PMO’s subject matter expert for risk across PSQ (Pearson School Qualifications) and VQ (Vocational Qualifications), providing hands-on leadership for day-to-day risk practices.
- Design, embed, and continuously improve the risk management policies, frameworks, tools, playbook, and operating rhythms.
- Operate a single, centralised view of risk, enabling early identification and mitigation of risks, and provide input into the feedback loop of incident management and continuous improvement.
- Lead scenario planning, contingency planning, and simulation exercises to test resilience and improve readiness across cross-functional delivery teams.
- Provide independent risk assurance to senior stakeholders, supporting regulatory compliance, operational resilience, and continuous improvement.
- Author and maintain the risk management policies and framework in line with corporate policy and regulatory expectations; submit updates for approval to key senior stakeholders.
- Define and enforce minimum standards for risk registers and control documentation across PSQ and VQ; ensure version control and audit-ready documentation.
- Run the end-to-end risk lifecycle: periodic risk identification, assessment, scoring, and mitigation planning across operational series and on-demand operations; facilitate risk workshops with delivery teams.
- Maintain the centralised risk register and heatmaps; define and track metrics and early warning indicators; build and maintain dashboards that surface exposure trends and control effectiveness.
- Challenge and support risk owners to develop preventative controls and time-bound action plans; track actions to closure; escalate overdue or high-exposure items per governance.
- Perform targeted control testing and risk deep-dives; coordinate with Internal Audit, Corporate Risk, Regulation, and relevant SMEs to address findings.
- Lead scenario planning, failure mode and stress testing for high risks ahead of peak series; define and maintain contingency plans and workarounds.
- Plan and run tabletop exercises and live simulations at defined intervals; track readiness gaps and remediation actions.
- Own the day-to-day administration and data standards for risk tooling; ensure single source of truth, data quality, and timely updates.
- Produce regular risk reporting packs for Operational Governance Boards and other forums; provide an independent risk view and recommendations to support go/no-go and trade-off decisions.
- Ensure risk practices meet relevant regulatory obligations and internal policies; maintain complete audit trails.
- Partner with the Regulation team on submissions as required; prepare materials for audits, reviews, and inquiries.
- Translate risk appetite into incident severity thresholds, escalation criteria, and decision rights; embed in playbooks.
- Ensure RCAs (root cause analyses) and corrective actions update risk registers/controls and are tracked to verified closure; prioritise by exposure reduction.
- Provide rapid risk assessments during major incidents; chair or co-chair Risk–Incident Governance Forum to review trends and drive systemic actions.
- Translate risk insights and near misses, into prioritised continuous improvement opportunities with clear problem statements and expected benefits. Hand over to and collaborate with the continuous project managers; track benefits realisation and close the loop back to risk exposure reduction.
- Act as the central point of contact for risk within the PMO; coach Operational Delivery Managers and wider teams on best practices.
- Run training, clinics, and knowledge sharing to uplift risk capabilities across the operation and supplier partners.
Requirements
- Extensive experience leading risk management in complex, high-stakes, and regulated environments; qualifications/assessment, financial services, healthcare, government or similar preferred.
- Proven track record designing and embedding risk frameworks.
- Strong familiarity with regulatory expectations for high-stakes operations and audit evidence requirements.
- Experience running scenario planning, business continuity and crisis simulations.
- Proficiency with risk tooling and reporting (e.g., Excel, Smartsheet, SharePoint, Power BI and ServiceNow/Jira for incident tooling integration).
- Desirable certifications: IRM (e.g., CMIRM), CRISC, PRINCE2/APM; Lean/Six Sigma exposure for RCA.
Benefits
- Participation in out-of-hours work during peak series or major incidents will be required.
- Occasional travel to operational sites, suppliers, and regulator/partner locations.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Business Risk and Controls Advisor Lead managing compliance and risk management initiatives for USAA. Collaborating with multiple departments to promote risk - awareness and effective risk management programs.
Fund Risk Controlling - Senior Associate responsible for fund risk reporting in financial services at BNY. Seeking candidates with experience in investment compliance and fund risk controlling, based in Frankfurt.
Regional Banking Risk Management Reviewer monitoring operational risks and ensuring compliance across financial centers. Collaborating with Retail leadership and supporting procedural development and training.
Insurance and Risk Specialist managing enterprise risk operations within Digital Realty’s data center platform. Collaborating with insurance brokers and project managers to ensure compliance and manage risk effectively.
Senior Risk Analyst managing enterprise risk governance frameworks at TD. Advising on risk mitigation practices and leading policy management initiatives.
Business Expert for Financial Institutions Public Finance cell managing risk applications and working closely with software developers. Involves conducting analyses and implementing regulatory requirements in the financial sector.
AI Governance SME executing governance, risk, and control activities for artificial intelligence in leading financial institution. Collaborating to develop standards and ensure compliance in evolving tech landscape.
IT Governance and Controls Analyst in UK IT Service Delivery at Zurich. Supporting design and management of IT controls with a focus on governance and compliance.
Risk Management Lead managing the development of IESO's enterprise risk management program. Collaborating across the organization to identify, assess, monitor, and report on risks.