Key Bank
Operational Risk Officer - Data Governance Oversight
Key Bank, Buffalo, New York, United States, 14266
Location:
4910 Tiedeman Road, Brooklyn Ohio
About the Job
This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices.
The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.
Essential Functions
Provide oversight and credible challenge of data governance practices across the enterprise
Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
Support Data Risk Reporting and escalation management processes
Support the Data Risk Policy and Framework adherence and maturity monitoring
Participate in regulatory intelligence gathering and emerging risk identification
Assist with exam and regulatory management, including audit coordination and response
Participate in the execution of the Data Risk Validation Framework and data issue verification activities
Conduct risk and control evaluation and testing across data-related processes
Consult with 1LOD on business initiatives, critical change programs, and technology integration
Assess risks associated with new products, services, and third-party engagements (TPM)
Support regulatory reporting validation and enterprise program integration efforts
Identify and assess business process risks (BPRI), data quality variances, and exception trends
Escalate significant risk issues and facilitate corrective actions
Foster strong relationships with business partners to promote risk transparency
Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
Maintain awareness of emerging regulatory and industry trends in data governance and operational risk
Required Qualifications
Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience
Minimum 5 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
Experience in a second line oversight function within financial services (preferred)
Advanced education or relevant certifications (preferred)
Certifications (Preferred)
ISACA: CISA, CRISC, CGEIT, CISM
Data Governance: DCAM, CDMC, CDMP
ISC2: CISSP, CCSP
Cloud Security Alliance: CCAK
Skills & Competencies
Working knowledge of data governance frameworks (e.g., DCAM, DMBOK, CDMC)
Demonstrated ability to assess and challenge data-related risks and controls
Stronganalytical, communication, and stakeholder engagement skills
Execution-oriented mindset with strong attention to detail
Ability to manage multiple priorities in a fast-paced environment
Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI)
Familiarity with Agile methodologies and project management tools
Intellectual curiosity and commitment to continuous improvement
Core Competencies
All KeyBank employees are expected to demonstrate Key’s Values and sustain proficiency in identified Leadership Competencies.
Physical Demands
General Office - Prolonged sitting, ability to communicate face to face in person or on the phone with teammates and clients, frequent use of PC/laptop, occasional lifting/pushing/pulling of backpacks, computer bags up to 10 lbs.
Travel
Occasional travel to include overnight stay.
COMPENSATION AND BENEFITS
This position is eligible to earn a base salary in the range of $79,000.00 - $146,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation subject to individual and company performance.
Please click here (https://www.key.com/about/careers/working-with-us/benefits.html) for a list of benefits for which this position is eligible.
Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.
Job Posting Expiration Date: 11/27/2025
KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.
Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.
#LI-Remote
KeyBank is an organization collectively committed to helping you unlock your potential and discover what truly drives you. Working here means sharing our purpose to help our clients, colleagues, and communities thrive. You’ll find genuinely supportive teammates, a flexible, inclusive work environment, challenging projects, accessible leaders, and opportunities to grow in your position and your career. For 200 years, Key has opened doors in our communities. Let us open one for you.
4910 Tiedeman Road, Brooklyn Ohio
About the Job
This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices.
The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies.
Essential Functions
Provide oversight and credible challenge of data governance practices across the enterprise
Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle
Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles
Monitor and report on adherence to Key’s Data Risk Management Framework and related policies
Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics
Support Data Risk Reporting and escalation management processes
Support the Data Risk Policy and Framework adherence and maturity monitoring
Participate in regulatory intelligence gathering and emerging risk identification
Assist with exam and regulatory management, including audit coordination and response
Participate in the execution of the Data Risk Validation Framework and data issue verification activities
Conduct risk and control evaluation and testing across data-related processes
Consult with 1LOD on business initiatives, critical change programs, and technology integration
Assess risks associated with new products, services, and third-party engagements (TPM)
Support regulatory reporting validation and enterprise program integration efforts
Identify and assess business process risks (BPRI), data quality variances, and exception trends
Escalate significant risk issues and facilitate corrective actions
Foster strong relationships with business partners to promote risk transparency
Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them
Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management
Maintain awareness of emerging regulatory and industry trends in data governance and operational risk
Required Qualifications
Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience
Minimum 5 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance
Experience in a second line oversight function within financial services (preferred)
Advanced education or relevant certifications (preferred)
Certifications (Preferred)
ISACA: CISA, CRISC, CGEIT, CISM
Data Governance: DCAM, CDMC, CDMP
ISC2: CISSP, CCSP
Cloud Security Alliance: CCAK
Skills & Competencies
Working knowledge of data governance frameworks (e.g., DCAM, DMBOK, CDMC)
Demonstrated ability to assess and challenge data-related risks and controls
Stronganalytical, communication, and stakeholder engagement skills
Execution-oriented mindset with strong attention to detail
Ability to manage multiple priorities in a fast-paced environment
Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI)
Familiarity with Agile methodologies and project management tools
Intellectual curiosity and commitment to continuous improvement
Core Competencies
All KeyBank employees are expected to demonstrate Key’s Values and sustain proficiency in identified Leadership Competencies.
Physical Demands
General Office - Prolonged sitting, ability to communicate face to face in person or on the phone with teammates and clients, frequent use of PC/laptop, occasional lifting/pushing/pulling of backpacks, computer bags up to 10 lbs.
Travel
Occasional travel to include overnight stay.
COMPENSATION AND BENEFITS
This position is eligible to earn a base salary in the range of $79,000.00 - $146,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation subject to individual and company performance.
Please click here (https://www.key.com/about/careers/working-with-us/benefits.html) for a list of benefits for which this position is eligible.
Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.
Job Posting Expiration Date: 11/27/2025
KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.
Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.
#LI-Remote
KeyBank is an organization collectively committed to helping you unlock your potential and discover what truly drives you. Working here means sharing our purpose to help our clients, colleagues, and communities thrive. You’ll find genuinely supportive teammates, a flexible, inclusive work environment, challenging projects, accessible leaders, and opportunities to grow in your position and your career. For 200 years, Key has opened doors in our communities. Let us open one for you.