Location:

4910 Tiedeman Road, Brooklyn Ohio

About the Job

This 2nd Line of Defense role resides within the Data Risk Governance Office (DRGO), supporting oversight of enterprise-wide data governance practices across KeyCorp. The Sr. Operational Risk Officer is responsible for providing independent oversight and credible challenge to the first line of defense (1LOD) regarding data governance, data quality, metadata management, and data lifecycle practices. This role engages with senior leaders across business units and technology teams to ensure alignment with Key’s Data Risk Management Framework, regulatory expectations, and industry best practices. 

The ideal candidate will have deep experience in data governance, operational risk, and risk oversight, with the ability to identify material risks, assess control effectiveness, and influence remediation strategies. 

 

Essential Functions

Provide oversight and credible challenge of data governance practices across the enterprise 

Evaluate risks and controls related to metadata management, data quality, data lineage, and data lifecycle 

Review and challenge 1LOD Risk and Control Self-Assessments (RCSAs) and data risk profiles 

Monitor and report on adherence to Key’s Data Risk Management Framework and related policies 

Support the development and refinement of Key Risk Indicators (KRIs), data tolerances, and performance metrics 

Support Data Risk Reporting and escalation management processes 

Support the Data Risk Policy and Framework adherence and maturity monitoring 

Participate in regulatory intelligence gathering and emerging risk identification 

Assist with exam and regulatory management, including audit coordination and response 

Participate in the execution of the Data Risk Validation Framework and data issue verification activities 

Conduct risk and control evaluation and testing across data-related processes 

Consult with 1LOD on business initiatives, critical change programs, and technology integration 

Assess risks associated with new products, services, and third-party engagements (TPM) 

Support regulatory reporting validation and enterprise program integration efforts 

Identify and assess business process risks (BPRI), data quality variances, and exception trends 

Escalate significant risk issues and facilitate corrective actions 

Foster strong relationships with business partners and senior management to promote risk transparency 

Identify gaps and deficiencies in existing data risks and controls, evaluate their impact, and recommend remediation actions to address them 

Draft assessment and validation reports and presentations, highlighting areas of concern, emerging risks, and recommended remedial actions for stakeholders and senior management 

Maintain awareness of emerging regulatory and industry trends in data governance and operational risk 

 

Required Qualifications

Bachelor’s degree in Information Technology, Business, Finance, or related field, or equivalent experience

Minimum 8 years of experience in data governance, technology risk, cybersecurity risk, operational risk, enterprise risk, audit, or compliance

Experience in a second line oversight function within financial services (preferred) 

Advanced degree (MBA or similar) or relevant certifications (preferred) 

 

Certifications (Preferred) 

ISACA: CISA, CRISC, CGEIT, CISM 

Data Governance: DCAM, CDMC, CDMP 

ISC2: CISSP, CCSP 

Cloud Security Alliance: CCAK 

 

Skills & Competencies 

Strong understanding of data governance frameworks (e.g., DCAM, DMBOK, CDMC) 

Demonstrated ability to assess and challenge data-related risks and controls 

Excellent analytical, communication, and stakeholder engagement skills 

Strategic thinking with an execution-oriented mindset 

Ability to manage multiple priorities in a fast-paced environment 

Proficient in Microsoft Office Suite, SharePoint, Archer GRC, and data visualization tools (e.g., Tableau, Power BI) 

Familiarity with Agile methodologies and project management tools 

Strong leadership and influencing skills 

Intellectual curiosity and commitment to continuous improvement 

 

Core Competencies 

All KeyBank employees are expected to demonstrate Key’s Values and sustain proficiency in identified Leadership Competencies. 

 

Physical Demands 

General Office - Prolonged sitting, ability to communicate face to face in person or on the phone with teammates and clients, frequent use of PC/laptop, occasional lifting/pushing/pulling of backpacks, computer bags up to 10 lbs. 

 

Travel 

Occasional travel to include overnight stay. 

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $100,000 to $130,000 annually depending on location and job-related factors such as level of experience. Compensation for this role also includes eligibility for short-term incentive compensation and deferred incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Key has implemented a role-based Mobile by Design approach to our employee workspaces, dedicating space to those whose roles require specific workspaces, while providing flexible options for roles which are less dependent on assigned workspaces and can be performed effectively in a mobile environment. As a result, this role may be Mobile or Home-based, which means you may work primarily either at a home office or in a Key facility to perform your job duties.

Job Posting Expiration Date: 09/26/2025

KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.

#LI-Remote