Manager - Control Management (Internal Audit Quality Assurance)

Global Merchant & Network Services (GMNS) brings together American Express' merchant-and network related businesses to enable a sharp focus on using the power of our network to provide unique value to all our mutual customers. The organization manages the relationships with the millions of merchants around the world that accepts American Express and runs the company’s payment network and manages bank partnerships globally.

The objective of the GMNS Control Management Risk ID, Assessment, Testing team is to identify, assess, mitigate, and report on Operational Risk within Business Unit (BU) processes for GMNS to ensure adherence to regulatory standards, Amex policy and enhance the BU's resilience through managing a clear methodology of inherent and residual risk.

GMNS is looking for a Mgr of Risk ID, Assessment, Testing focused on ensuring control management is embedded in the day-to-day operations of our organization. It will involve extensive collaboration with multiple partners across numerous business units, functional areas, and geographies.

Responsibilities

• Facilitate delivery of the Control Testing program for GMNS busienss, through review of specific Risk Assessment Units (RAU)

• Perform Test of Design and Effectiveness for controls and determine Control Effectiveness Rating for all controls across GMNS

• Identify and report control gaps and remedial actions to improve effectiveness of controls, working with the respective control owners

• Establish an appropriate testing schedule for each RAU and manage day-to-day execution of testing deliverables as per scheduled timeline

• Perform and oversee assurance reviews of remediation programs to verify corrective actions are appropriately designed, implemented, and sustainable

• Proactively help identify certain areas of high-risk for intervention including conducting independent quality assurance and vertical process testing

• Provide support to enable and enhance effective control management and decision making in the BU.

• Support risk management practices within the business

• Support sharing insights, better practices, themes, etc. across the enterprise

Qualifications

• 6+ Years experience in operational risk management / control testing (e.g., within Risk and/or Internal Audit function) Understanding of critical operational risk management lifecycle activities

• Strong project management, communication, and interpersonal skills

• Experience in risk and control governance, with an understanding of processes that align with policies, regulatory frameworks, and/or operational standards

• Proficient analytical and problem-solving skills, with an ability to analyze data, identify trends, and evaluate risk scenarios effectively

Preferred Qualifications:

• Bachelor's Degree in Finance, Business, Risk Mgmt., or related field; advanced degrees (e.g., MBA, MSc) or certifications are advantageous

• Experience in at least one of the following:

• Providing identification of operational risks throughout business processes and systems

• Facilitating risk assessment performance in addition to further assessments and testing programs to ensure regulatory and internal standards are met

• Enhancing risk assessments and associated methodologies

• Reviewing controls through monitoring and testing for design and effectiveness to identify gaps and remediation to uplift controls.

• Identifying areas of risk for intervention, including conducting independent quality assurance and control testing

• Reviewing thematic risk reporting to provide actionable insights on risk levels, emerging trends and root causes

• Experience in financial services industry