KeyBank
Sr. Operational Risk Officer – Data Governance Oversight
KeyBank, Topeka, Kansas, United States
Sr. Operational Risk Officer – Data Governance Oversight
About the Job: This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Sr. Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with senior leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices.
Location Work At Home, Virginia
The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.
Essential Functions
Provide oversight and credible challenge of data governance practices across the enterprise
Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
Support Data Risk Reporting and escalation management processes
Support the Data Risk Policy and Framework adherence and maturity monitoring
Participate in regulatory intelligence gathering and emerging risk identification
Assist with exam and regulatory management, including audit coordination and response
Participate in the execution of the Data Risk Validation Framework and data issue verification activities
Conduct risk and control evaluation and testing across data-related processes
Consult with 1LOD on business initiatives, critical change programs, and technology integration
Assess risks associated with new products, services, and third‑party engagements (TPM)
Support regulatory reporting validation and enterprise program integration efforts
Identify and assess business process risks (BPRI), data quality variances, and exception trends
Escalate significant risk issues and facilitate corrective actions
Foster strong relationships with business partners and senior management to promote risk transparency
Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
Maintain awareness of emerging regulatory and industry trends in data governance and operational risk
Required Qualifications
Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience
Minimum 8 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
Experience in a second line oversight function within financial services (preferred)
Advanced degree (MBA or similar) or relevant certifications (preferred)
Certifications (Preferred)
ISACA: CISA, CRISC, CGEIT, CISM
Data Governance: DCAM, CDMC, CDMP
ISC2: CISSP, CCSP
Cloud Security Alliance: CCAK
Skills & Competencies
Strong understanding of data governance frameworks (e.g., DCAM, DMBOK, CDMC)
Demonstrated ability to assess and challenge data-related risks and controls
Excellent analytical, communication, and stakeholder engagement skills
Strategic thinking with an execution-oriented mindset
Ability to manage multiple priorities in a fast-paced environment
Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI)
Familiarity with Agile methodologies and project management tools
Strong leadership and influencing skills
Intellectual curiosity and commitment to continuous improvement
Compensation and Benefits This position is eligible to earn a base salary in the range of $94,000.00 - $175,000.00 annually. Placement within the pay range may differ based on skills, experience, and geographic location. Compensation also includes eligibility for incentive compensation subject to individual and company performance. Please click here for a list of benefits for which this position is eligible. Key has implemented an approach to employee workspaces that prioritizes in-office presence while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.
Equal Opportunity Statement KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law. Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com. Job Posting Expiration Date: 11/27/2025
#J-18808-Ljbffr
Location Work At Home, Virginia
The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.
Essential Functions
Provide oversight and credible challenge of data governance practices across the enterprise
Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
Support Data Risk Reporting and escalation management processes
Support the Data Risk Policy and Framework adherence and maturity monitoring
Participate in regulatory intelligence gathering and emerging risk identification
Assist with exam and regulatory management, including audit coordination and response
Participate in the execution of the Data Risk Validation Framework and data issue verification activities
Conduct risk and control evaluation and testing across data-related processes
Consult with 1LOD on business initiatives, critical change programs, and technology integration
Assess risks associated with new products, services, and third‑party engagements (TPM)
Support regulatory reporting validation and enterprise program integration efforts
Identify and assess business process risks (BPRI), data quality variances, and exception trends
Escalate significant risk issues and facilitate corrective actions
Foster strong relationships with business partners and senior management to promote risk transparency
Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
Maintain awareness of emerging regulatory and industry trends in data governance and operational risk
Required Qualifications
Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience
Minimum 8 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
Experience in a second line oversight function within financial services (preferred)
Advanced degree (MBA or similar) or relevant certifications (preferred)
Certifications (Preferred)
ISACA: CISA, CRISC, CGEIT, CISM
Data Governance: DCAM, CDMC, CDMP
ISC2: CISSP, CCSP
Cloud Security Alliance: CCAK
Skills & Competencies
Strong understanding of data governance frameworks (e.g., DCAM, DMBOK, CDMC)
Demonstrated ability to assess and challenge data-related risks and controls
Excellent analytical, communication, and stakeholder engagement skills
Strategic thinking with an execution-oriented mindset
Ability to manage multiple priorities in a fast-paced environment
Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI)
Familiarity with Agile methodologies and project management tools
Strong leadership and influencing skills
Intellectual curiosity and commitment to continuous improvement
Compensation and Benefits This position is eligible to earn a base salary in the range of $94,000.00 - $175,000.00 annually. Placement within the pay range may differ based on skills, experience, and geographic location. Compensation also includes eligibility for incentive compensation subject to individual and company performance. Please click here for a list of benefits for which this position is eligible. Key has implemented an approach to employee workspaces that prioritizes in-office presence while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.
Equal Opportunity Statement KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law. Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com. Job Posting Expiration Date: 11/27/2025
#J-18808-Ljbffr