ERM Risk Manager

The Second Line of Defense Risk Manager will work within the Bank's Enterprise Risk Management
function and will be responsible for credible challenge and testing of the first line of defense's Risk and
Control Self-Assessments (RCSA), programs, and functions to ensure inherent risks are adequately
identified, the related control(s) are properly designed and mitigates the inherent risk, and such controls
have been implemented, tested, and memorized in policies, procedures, desktop procedures. The
Manager will be responsible for developing ERM challenge and testing requirements and working with first
line of defense risk managers, risk liaisons, or line management in providing training, communicate
expectations, and challenge the first line of defense control programs and RCSAs.

This role will require an individual with knowledge of RCSAs, Sarbanes Oxley (SOX), or other risk and
control governance frameworks to readily assess inherent risk, ascertain properly designed controls, and
conduct corroborative inquiry and detailed testing to ensure that the controls are effective.

This role will require working and communicating with individuals throughout the institution regarding risk
analysis, project management, collaborating with business units in developing risk management and
governance frameworks. This role will also regularly act as a consultative resource to the first and second
line of defense, put together risk presentations or informational reports for business unit leaders,
executive management and the Board of Directors, and interpret and contribute to entity-wide policies
related to risk management and risk governance.

As an East West Bank employee, you will be part of a stable but growing organization that provides career
path development opportunities within the department or across the Bank.

• Responsible for leading creditable challenge of first line of defense control programs in evaluating
  the design and operating effectiveness of the first line's key controls and the appropriateness of
  the risk rating of these key controls.
• Responsible for establishing a challenge and testing framework and to maintain clear
  documentation of the scope, selection process, testing, and conclusions reached.
• Supervise ERM testing engagements from inception to completion, including planning, testing,
  issues management, and review.
• Monitor remediation efforts until resolution.
• Support the quality assessments of RCSAs completed by first line managers and recommend
  changes as appropriate.
• Create and memorialize detailed control testing templates, workpapers, and review
  commentaries.
• Manage and coordinate all risk activities to ensure material/key risks are appropriately identified,
  managed, escalated, tracked, and remediated timely.
• Analyze, aggregate, and articulate the results/issues/recommendations related to control testing
  activities.
• Assist with the validation and closure of control issues as identified through testing results.
• Provide day-to-day management, oversight, and longer-term development planning for risk
  management staff.
• Prepare ad-hoc risk management reports as assigned.
• Perform comprehensive and well-thought-out quantitative analyses and justify ERM's conclusion
  in a logical manner.
• Keep up to date with industry best practice and new regulations.
• Perform other duties and special projects as assigned.

• More than 10 years of work experience in risk management, Sarbanes Oxley, Internal Audit or
  External Audit (focusing on risk management, compliance, regulations), risk management
  consulting, or process improvement.
• Strong knowledge with risk and control identification, designing, planning, implementing, and
  testing.
• Experience in effectively managing a testing or quality assurance program.
• Ability to project manage and hold self and responsible parties accountable to assigned deadlines.
• Ability to make sound risk/reward decisions and propose practical solutions.
• Ability to consciously balance data, logic and intuition in all activities.
• Ability to think broadly, generate simple and creative ideas, and to translate strategy to execution.
• Effective verbal, written, and presentation skills with ability to influence desired outcomes.
• Ability to work within a dynamic collaborative environment in building new programs.
• Knowledge of applicable regulatory and legal compliance obligations, rules and regulations,
  industry standards, practices, and expectations for regional/large bank.
• Proven proactive approach to problem solving and workflow analysis be able to identify and
  implement process improvements.
• Collaborative team player with demonstrated ability to be flexible and entertain all possible
  options.
• Strong organizational skills, with the ability to effectively manage multiple deliverables and shift
  among various tasks and projects.
• Self-motivated and able to work effectively both independently and as a team
• A strong working knowledge of MS Office Software Suite (Word, Excel, Access, PPT, Visio)
• Knowledge and understanding of federal and state laws applicable to commercial banks.
• Experience with development of Key Risk Indicators is a plus.
• Strong knowledge of banking operations, products, and services; experience with risks and
  controls/control gap identification related to Loan Operations, Commercial Lending and Banking,
• Bank Support and Corporate functions (such as Marketing, HR, Accounting, FP&A etc.), AML/BSA,
• Payment Fraud Cross-border Banking, and Digital Banking is a big plus.
• Professional/Industry Accredited Risk Management certification (e.g., CIA, PRM, CRMP, etc.) is a
  big plus.