Description: Reporting to the Director, Risk Management, the Senior Advisor, Operational Risk Management will be responsible for overseeing, managing, and continuously improving the operational risk management program within the organization. As an expert, he/she will develop and implement frameworks and strategies to identify, assess, monitor, and mitigate operational risks across various business functions. He/she will also be responsible for evaluating the effectiveness of the risk management programs and mitigation strategies and reporting the results to senior management. He/she will collaborate with key stakeholders to integrate risk management into operational processes and promote a culture and awareness of risk management.
Operational Risk Management Program - Policy Development and compliance
•Manage the overall operational risk management program, policies and procedures in alignment
with applicable regulatory requirements and industry best management practices, recommend and
implement changes for continuous improvement.
•Working with internal subject matter experts, develop, implement, and maintain specific risk
management programs and methodologies required by regulations and best management practices
(health, safety, security, environment, climate resilience, cybersecurity, engineering, regulatory, etc.)
•Supervise and guide the implementation of risk management activities across the organization,
integrating them into day-to-day business activities and decision-making processes.
•Develop and deliver training on the operational risk management program and on the development
of risk assessors.
•Engage with key stakeholders across the organization to promote a strong risk culture and
awareness.
Risk Identification, Monitoring and Governance
•Responsible for coordinating the activities related to the operational risk management program. Act
as a subject matter expert.
•Work with business units to identify and assess risks, develop risk mitigation strategies, and
monitor risk exposures for risks associated with the business activities.
•Support the development and maintenance of risk governance frameworks, including risk appetite
and tolerance levels.
•Establish key risk indicators (KRIs) and metrics, perform qualitative and quantitative analysis,
scenario planning, and historical data analyses and monitor operational risk exposures.
•Participate in risk committees and forums to provide insights and recommendations on operational
risk matters.
•Report on the status of operational risks and escalate issues as required to senior management and
relevant committees.
Risk Assessments and Response
•Lead risk assessment workshops to identify and assess risks associated with activities,
operational changes, new initiatives and projects.
•Support and advise risk owners in the identification, development and implementation of effective
risk mitigation strategies, controls, and recovery measures to reduce the likelihood and impact as
per the risk appetite framework and set tolerances.
•Communicate risk assessments and corrective action plans.
•Support the business units during operational risk events.
•Support the updating of crisis management and business continuity plans and the carrying out of
various related activities.
Oversight and Continuous improvement
•Participate in root cause analyses for risk tolerance breaches related to operational events.
•Plan and conduct internal audits on the design and effectiveness of risk management processes and
practices as well as the performance and effectiveness of mitigation measures, controls and
recovery measures.
•Prepare reports including recommendations for improvement and provide updates to senior
management.
Requirements
•Hold a university degree in risk management, engineering, business administration, safety or
environmental management, or a related field.
•Proven experience (8 to 10 years) in operational risk management or in a similar role within a
company of comparable size and scope.
•Strong understanding of operational risk management concepts, methodologies, and frameworks
(e.g., COSO ERM, ISO 31000).
•In-depth knowledge and experience with various risk assessment methods (e.g., quantitative
analysis, FMEA, HAZOP, LOPA, Bow Tie, and Event Tree, quantitative methods such as simulations
or statistics, etc.).
•Certification in risk management and auditor certification (an asset).
•Knowledge of regulations applicable to specific risk management programs (e.g., safety,
environment, cybersecurity, etc.) and recognized approaches or standards for management systems
(an asset).
•Excellent written and verbal proficiency in both official languages (English/French).
•Proficiency in risk management/assessment tools and software systems (knowledge of
quantitative analysis tools).
•Must be willing to undertake occasional travel.
•The ideal candidate should possess strong business acumen, interpersonal skills, problem-solving
abilities, a commitment to continuous learning, technical proficiency, analytical and communication
skills, leadership qualities, and effective time management.