VP, Operational Risk Business Partner

GENERAL SUMMARY

The Operational Risk Business Partner (ORBP) is part of our Second Line of Defense (2LOD) Operational Risk Management (ORM) function. ORBP will serve as a pivotal partner to front-line risk managers and business units in designing, executing, and maturing the bank's Risk and Control Self-Assessment (RCSA) program. ORBP will provide expert challenge, guidance, and subject-matter expertise to ensure robust risk identification, assessment, monitoring, and reporting. ORBP will collaborate with second-line SMEs to translate risk insights into actionable improvements, contribute to the development of key risk indicators (KRIs), and drive risk culture and training across divisions. This is an individual contributor role focused on delivering results through advice, governance, and expert guidance rather than direct team management.

ESSENTIAL FUNCTIONS

• Lead and coordinate the annual end to end and ongoing RCSA process with front-line risk managers across business units.
• Provide independent oversight of operational risk management activities performed by the First Line of Defense.
• Provide strong, constructive challenge to ensure comprehensive risk and control identification, assessment, and documentation. Validate risk ratings, control effectiveness, residual risk levels, and action plans; ensure consistency with policy standards and escalation thresholds. Review and approve risk and control narratives, risk taxonomy alignment, and control owner accountability.
• Act as a trusted advisor to business unit risk champions and process owners, offering expert guidance on risk controls, control design, and risk acceptance criteria. Facilitate risk workshops, interviews, and scenario analysis to surface emerging risks and ensure timely remediation. Facilitate constructive dialogue between 1LOD and risk governance functions.
• Lead the development, validation, and enhancement of the bank's Key Risk Indicators (KRIs) in partnership with owners and SMEs. Monitor KRI performance, perform trend analysis, and recommend risk-reduction actions or escalation when indicators breach thresholds. Integrate KRI results into governance forums and reporting to senior management and risk committees.
• Design and deliver risk training programs, workshops, and communications to enhance risk awareness and control practices across divisions. Develop practical guidance, playbooks, and toolkits to standardize risk assessment methodologies and control testing approaches.
• Collaborate with second-line SMEs (e.g., IT, cyber, information security, business continuity, model risk, compliance) to incorporate their assessments into the RCSA and KRIs. Translate SME findings into actionable risk actions, monitoring plans, and escalation paths.
• Support the development and maintenance of risk libraries, control dictionaries, and standard risk assessment criteria.
• Prepare and present risk and control status, themes, and remediation progress to risk committees, governance forums, and senior leadership.
• Maintain issue and remediation tracking, ensuring timely closure and evidence of control improvements by conducting validation of all remediation plans by 1LOD.
• Contribute to policy interpretation, standards, and procedures related to operational risk and RCSA practices.
• Maintain high-quality RCSA documentation, control catalogs, and risk registers in the risk management systems.
• Support New Product and services launch risk assessments.
• Perform data-driven analyses to identify patterns, gaps, and opportunities for risk reduction.
• Identify opportunities to enhance RCSA efficiency, consistency, and effectiveness through process improvements, automation, and technology solutions.
• Participate in GRC system enhancement projects and user acceptance testing for risks systems.
• Promote a strong risk culture by driving accountability, constructive challenge, and timely escalation of issues.
• Stay current on regulatory expectations, industry.

QUALIFICATIONS

Education:

• Bachelor's degree in Finance, Risk Management, Business Administration, or related discipline (Master's preferred)

Experience:

• Minimum 5-7 years of experience in operational risk, RCSA, incident and issue management, internal controls, or audit within financial services or a similarly regulated industry.
• Demonstrated ability to challenge front-line risk managers and influence risk-based decision making without direct line authority.
• Prior experience as a second-line risk professional or risk partner with cross-functional collaboration across IT, cyber, information security, business continuity, compliance, and operations.
• Deep understanding of first line processes and risk/control activities.

Skills/Ability:

• Understanding of operational risk management principles, frameworks, and methodologies within the financial services industry. This includes knowledge of regulatory requirements (such as Basel III) and industry's best practices.
• Knowledge of operational risk frameworks (e.g., Basel, ORMF), internal control standards, and incident management tools.
• Strong analytical and problem-solving skills; ability to interpret data and identify trends.
• Strong analytical thinking and attention to detail.
• Excellent communication and stakeholder management abilities.
• Ability to synthetize complex information into clear, actionable insights.
• Attention to detail and a proactive mindset, ability to work under tight deadlines.
• Collaborative mindset with a proactive attitude towards problem-solving.

OTHER DETAILS

$110K - $133K / year
Pay determined based on job-related knowledge, skills, experience, and location.
This position may be eligible for a discretionary bonus.

Cathay Bank offers its full-time employees a competitive benefits package which is a significant part of their total compensation. It is our goal to provide employees with a comprehensive benefits package to fit their needs which includes, coverage for medical insurance, dental insurance, vision insurance, life insurance, long-term disability insurance, and flexible spending accounts (FSAs), health saving account (HSA) with company contributions, voluntary coverages, and 401(k).

Cathay Bank may collect personal information from potential job candidates and applicants. For more information on how we handle personal information and your applicable rights, please review our Privacy Policy.

Cathay Bank is an Equal Opportunity and Affirmative Action Employer. We welcome applications for employment from all qualified candidates, regardless of race, color, ethnicity, ancestry, citizenship, gender, national origin, religion, age, sex (including pregnancy and related medical conditions, childbirth and breastfeeding), reproductive health decision-making, sexual orientation, gender identity and expression, genetic information or characteristics, disability or medical condition, military status or status as a protected veteran, or any other status protected by applicable law.

Click here to view the "Know Your Rights: Workplace Discrimination is Illegal" Poster:
Poster- English

Poster- Spanish

Poster- Chinese Traditional Poster- Chinese Simplified

Cathay Bank endeavors to make www.CathayBank.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact, Mickey Hsu, FVP, Employee Relations Manager, at (626) 582-7370 or mickey.hsu@cathaybank.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.