Risk Management Senior Associate

reporting to the senior vice president, head of risk management, this operational risk professional will have an important role in advancing the enterprise risk management program of a fast-growing financial services firm. This role will work closely with business stakeholders to proactively identify, assess, and mitigate risks across the organization’s lifecycle, with a particular focus on third-party relationships, technology, and business operations.

Serving as a critical second line of defense (2lod), this role provides independent oversight and effective challenge to the business.

• risk assessment & execution (rcsa): lead and execute risk and control self-assessments (rcsa), it risk assessments, and control evaluations. Conduct due diligence for third-party vendors.
• independent review & challenge: assess internal operational risk events, loss data, and emerging threats to ensure a robust control environment for individual business units.
• monitoring & reporting (kri/loss data): define and manage key risk indicators (kris). Analyze operational risk exposure, track loss events, and prepare executive-ready presentations and heat maps for senior leadership. Connect issues to controls and drive resolution.
• business resiliency & technology oversight: oversee and challenge business continuity and disaster recovery (bc/dr) planning and testing. Monitor core technology processes, including change management, cloud governance, disaster recovery, and the data management lifecycle.
• tool administration: serve as primary owner and administrator of the grc platform, ensuring accurate, timely, and complete data across risk, controls, issues, and reporting.

• experience: 5+ years of experience in operational risk, third-party risk (tprm), or compliance within the banking or financial services (brokerage/ria) industry. Thrive in a fast-paced, dynamic environment where foundational capabilities are being designed and scaled.
• education: bachelor’s degree in business administration, risk management, finance, or a related field.
• regulatory knowledge: understanding of risk management frameworks (e.g., nist, coso) and interagency guidance on third-party relationships.
• analytical prowess: proven ability to interpret complex data, identify emerging risk trends, and conduct root-cause analysis on operational incidents.
• influencing skills: demonstrated "confidence to challenge" senior leadership and build cross-functional partnerships across business, operations, technology.
• technical proficiency: advanced skills in microsoft office suite (especially excel/power point). Familiarity with grc tools (e.g., auditboard, servicenow) is a plus.

focus is a leading financial services firm comprised of integrated wealth management, family office, and business management services. Blending deep expertise and expansive resources with a boutique, client-first fiduciary philosophy, focus helps individuals, families, and institutions navigate complex financial situations with highly personalized solutions tailored to their unique needs. To learn more about focus, visit  or follow the company on linkedin.

information on your california privacy rights can be found here

it is unlawful for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the united states, a member of the indiana national guard or a member of a reserve component.

i understand that under maryland law, an employer may not require or demand, as a condition of employment, prospective employment or continued employment, that any individual submit to or take a polygrap or similar test. An employer who violates this law is guilty of a misdemeanor and subject to a fine not exceeding $100.

it is unlawful in massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates…