Enterprise Risk Consultant (Operational Risk)

Non-Financial Risk (Operational Risk) Consultant

Role Purpose

The Non-Financial Risk Senior/Analyst will design and implement non-financial risk frameworks for a major client project. This includes Business Continuity Planning (BCP), RCSA, Internal Controls, and Audit Program development, focusing on policy and framework creation.

Key Responsibilities

• Develop and update BCP and disaster recovery policies including governance, testing schedules, and reporting.
• Create and maintain RCSA frameworks and templates for business and technology processes.
• Draft internal control policies and procedures, linking controls to risk appetite and regulatory requirements.
• Design audit programs and internal control testing methodologies for key processes.
• Conduct gap assessments against regulatory expectations ( ISO 22301, ISO 27001, COSO).
• Build incident escalation and reporting frameworks for operational risk events.
• Partner with IT, operations, and compliance to embed risk frameworks and track remediation.
• Prepare governance packs and reporting materials for senior management and committees.

Qualifications & Experience

• Bachelor's degree in Business, IT, or Risk Management.
• Analyst: 13 years experience supporting BCP, RCSA, or control testing initiatives.
• Senior: 46 years experience leading non-financial risk framework or policy development.
• Familiarity with BCP, RCSA, and internal audit methodologies.
• Excellent writing, documentation, and facilitation skills.