Bayview Financial Holdings, L P

AVP, IT Ops Risk

Bayview Financial Holdings, L P$100K — $130K *
Finance & Insurance
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT, Cybersecurity, or related field; Master's preferred
  • 5+ years in IT Operational Risk or similar governance function
  • Strong knowledge of technology and operational risk frameworks
  • Experience conducting risk assessments and managing remediation activities
  • Familiarity with enterprise GRC platforms and industry frameworks
  • Excellent analytical and communication skills, translating technical risks to business recommendations

Responsibilities

  • Identify and report technology-related operational risks across the organization
  • Partner with cross-functional teams to evaluate control effectiveness
  • Conduct technology and operational risk assessments
  • Support continuous improvement of the operational risk management framework
  • Collaborate with Information Security GRC team on risk assessments
  • Develop metrics and dashboards to communicate risk trends to management
  • Enhance privacy and data protection initiatives in risk assessments

Benefits

  • Hybrid working environment (3 days on-site, 2 remote)
  • Comprehensive benefits package
  • Opportunities for professional advancement in a growing context
  • Work with cross-functional teams on risk management initiatives
  • Engage in burgeoning areas like AI governance and emerging technology risk
Full Job Description
Overview

POSITION SUMMARY

This role will work directly under the Head of Operational Risk and will be responsible for supporting the identification, measurement, monitoring, and management of technology-related operational risks across the organization. The individual will partner closely with Information Security, IT, Privacy, Data Protection, Business Continuity, and other key stakeholders to strengthen the organization's IT operational risk management framework.

The AVP, IT Operational Risk will play a key role in developing risk assessment methodologies, enhancing reporting, supporting risk assessments, coordinating with Information Security GRC on risk and control libraries, and helping ensure technology risks, control gaps, remediation activities, and emerging risks are appropriately identified, documented, tracked, and escalated.

RESPONSIBILITIES:
  • Identify, assess, monitor, and report on technology-related operational risks across the organization, including information security, privacy, data protection, business continuity, AI, and emerging technology risks.
  • Partner with IT, Information Security, Privacy, Data Protection, Compliance, Legal, Internal Audit, Business Continuity, and business stakeholders to identify risks, evaluate control effectiveness, and address control gaps.
  • Conduct and facilitate technology and operational risk assessments, identifying risk themes, emerging risks, and opportunities to strengthen the control environment.
  • Support the development, implementation, and continuous improvement of the firm's technology operational risk management framework, including risk taxonomies, control libraries, assessment methodologies, documentation standards, and governance processes.
  • Collaborate with the Information Security GRC team to align risk assessments, risk and control libraries, and Risk and Control Self-Assessments (RCSAs), while leveraging outputs from Internal Audit and other assurance functions.
  • Support the administration and ongoing enhancement of the Optro GRC platform and promote consistent risk documentation, reporting, and governance practices.
  • Develop dashboards, key risk indicators (KRIs), metrics, and reporting to communicate technology risks, remediation activities, control effectiveness, and emerging risk trends to senior management and governance committees.
  • Translate complex technical risks into clear, actionable business risk reporting for executive and non-technical audiences.
  • Support privacy and data protection initiatives by documenting operational risks, participating in privacy risk assessments, evaluating processing activities, assessing third-party risks, tracking remediation efforts, and contributing to incident response activities.
  • Partner with Data Protection teams to evaluate control gaps, perform operational risk gap analyses, and document, monitor, and report remediation activities.
  • Support business continuity and operational resilience initiatives, including Business Impact Analyses (BIAs), identification of critical business processes and technology dependencies, assessment of technology recovery risks, and development of mitigation strategies.
  • Contribute to the development and execution of AI governance and emerging technology risk management practices by participating in risk assessments, control design, monitoring activities, issue management, and governance processes.
  • Track remediation plans, control deficiencies, risk mitigation activities, and action items, following up with risk owners to ensure timely resolution and appropriate escalation of significant or overdue issues.
  • Support alignment of technology operational risk activities with regulatory requirements, industry standards, and internal policies by monitoring regulatory developments and assessing their impact on the organization's risk management practices.
  • Build strong cross-functional relationships and serve as a trusted risk partner, promoting a proactive risk culture and effectively communicating technology risk strategies, findings, and recommendations across the organization.

QUALIFICATIONS:
  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Risk Management, Business, or a related field; Master's degree preferred.
  • 5+ years of experience in IT Operational Risk, Technology Risk, Information Security GRC, IT Audit, Enterprise Risk, or a related governance, risk, or compliance function.
  • Strong knowledge of technology risk, operational risk, information security, privacy, data protection, business continuity, and risk management frameworks.
  • Experience conducting risk and control assessments, managing remediation activities, developing KRIs and reporting, and supporting governance processes.
  • Experience partnering with IT, Information Security, Compliance, Privacy, Legal, Internal Audit, and business stakeholders in a cross-functional environment.
  • Familiarity with enterprise GRC platforms (Optro preferred) and industry frameworks such as NIST, COBIT, ISO 27001, or FFIEC.
  • Experience in financial services or another highly regulated industry preferred.
  • Experience supporting AI governance, emerging technology risk, or third-party technology risk preferred.
  • Excellent analytical, communication, and stakeholder management skills with the ability to translate technical risks into business-focused recommendations.

CERTIFICATIONS, LICENSES, AND/OR REGISTRATION

CRISC, CISA, CISM, CISSP, CIPM/CIPP(US) or similar certifications preferred

LOCATION AND COMPENSATION:

This is a hybrid position, with 3 days on-site (Tues - Thurs) and 2 days work from home.

Our preference is for the position to be in Bayview's Coral Gables FL location but if relevant candidate is found outside of that market we may be amenable.

Compensation is competitive and commensurate with experience, including a base salary, performance-based bonus, and comprehensive benefits package.

PHYSICAL DEMANDS AND WORK ENVIRONMENT

The physical demands described here reflect those necessary for effective job performance:
  • Regularly required to sit and use hands to handle or feel objects, tools, or controls; frequently required to talk and hear.
  • Noise level in the work environment is typically moderate.
  • Occasionally required to stand, walk, and reach with hands and arms; rarely required to stoop, kneel, crouch, or crawl.
  • Must be able to lift/move up to 10 pounds.
  • Required vision abilities include close vision, color vision, and the ability to adjust focus.


Reasonable accommodations may be made for individuals with disabilities to perform essential job functions.

About Bayview Financial Holdings, L P

Bayview Financial Holdings, L.P. is a mortgage investment firm that specializes in acquiring and managing distressed mortgage loans. The company was founded in 1993 and is headquartered in Coral Gables, Florida. Bayview Financial Holdings invests in a variety of mortgage assets, including residential and commercial loans, non-performing loans, and mortgage-backed securities. The company also provides loan servicing and asset management services to third-party clients. Bayview Financial Holdings has over 1,000 employees and manages over $14 billion in assets.
Learn more about Bayview Financial Holdings, L P
Size
1,000 employees
Industry
Founded
1993

Similar Jobs

More Jobs at Bayview Financial Holdings, L P

More Finance & Insurance Jobs

Find similar AVP, IT Ops Risk jobs: