Manager - Control Management

American Express•East Sussex, England, UK

fulltime

Other

3+ years

About the role

At American Express, our culture is built on a 175-year history of innovation, shared

values

and

Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.

As part of Team Amex, you’ll experience our powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

How will you make an impact in this role?

ICS Governance & Control sits within International Card Services (ICS) which comprises of all the issuing functions across all 28 international markets excluding the US - colleagues operate across a variety of geographies and disciplines. ICS issues products to our Consumer and Commercial customers – the organization is an integral part of the global growth strategy for American Express; offering differentiated products and services is critical to our success and promises to drive significant growth and value through the delivery of innovative products, tailored to the needs of our customers.

The objective of the ICS Control Management Risk ID, Assessment, Testing and Reporting team is to identify, assess, mitigate, and report on Operational Risk within BU processes for ICS to ensure adherence to regulatory standards, Amex policy and enhance the BU's resilience through managing a clear methodology of inherent and residual risk.

ICS Control Management is looking for a Manager of Risk ID, Assessment, Testing & Reporting focused on ensuring control management is embedded in the day-to-day operations of our organization. It will involve extensive collaboration with multiple partners across numerous business units, functional areas, and geographies.

The Manager, ICS Control Management Risk ID, Assessment, Testing & Reporting will:

Lead the design and execution of the ICS Operational Risk Strategy, driving strong business management discipline, regulatory alignment, and operational effectiveness across the function.
Enhance and embed robust operational risk frameworks (including RCSA, scenario analysis, issue management, third-party risk, and control monitoring), ensuring consistency, scalability, and alignment with enterprise standards and industry best practices.
Ensure alignment with evolving regulatory requirements and supervisory expectations, proactively translating regulatory change into actionable framework enhancements and business guidance.
Partner with business process owners to strengthen the identification, assessment, and mitigation of risks across business processes and systems, applying structured methodologies and strategic risk insight.
Facilitate and provide effective challenge to Business Units (BUs) in the execution of risk assessments (e.g., PRSAs), enhancing assessment criteria, testing methodologies, and quality assurance programs to ensure adherence to internal policy and regulatory standards.
Conduct independent control monitoring (supplemental to BU process owner testing), including vertical process reviews and quality assurance activities, and synthesize key operational risk trends, events, and thematic insights.
Proactively identify areas of elevated risk requiring targeted intervention, leveraging data analytics, automated alerts, and risk indicators to drive timely escalation and remediation.
Strengthen governance forums, committee reporting, and escalation protocols to ensure transparent, timely, and effective risk oversight and decision-making.
Develop and deliver clear, concise, and compelling thematic risk reporting (risk levels, trends, drivers, and root causes), translating complex data into actionable insights for senior leadership and key stakeholders.
Review and optimize control categorization and cross-BU process-control mapping to enhance risk transparency, accountability, and control effectiveness.
Provide advisory support within New Product Governance (NPG), identifying operational risks, challenging control design, and recommending enhancements to support sustainable product and process innovation.
Review and enhance risk dashboards, key risk indicators (KRIs), risk profiles, and risk registers to ensure ongoing monitoring effectiveness and strategic risk visibility.
Provide thought leadership on emerging operational risk themes (e.g., digital risk, AI, cyber risk, operational resilience), advising stakeholders on implications and required control enhancements.
Promote cross-enterprise sharing of insights, emerging themes, and leading practices to drive continuous improvement in operational risk capability.
Demonstrate exceptional written, presentation, and communication skills, with the ability to influence senior stakeholders, clearly articulate complex risk concepts, and deliver high-quality executive-ready materials in a consultancy-style environment.

Minimum Qualifications:

3+ Years experience in operational risk management (e.g., within Risk and/or Internal Audit function) Understanding of critical operational risk management lifecycle activities
Strong project management, communication, and interpersonal skills
Experience in process governance, with an understanding of processes that align with policies, regulatory frameworks, and/or operational standards
Proficient analytical and problem-solving skills, with an ability to analyze data, identify trends, and evaluate risk scenarios effectively

Preferred Qualifications:

Bachelor’s Degree in Finance, Business, Risk Management, or related field required; advanced degree (e.g., MBA, MSc) and/or relevant professional certifications (e.g., FRM, PRM, CIA, CRMA) strongly preferred.
Consulting background strongly preferred, with experience advising financial services clients on operational risk strategy, risk transformation initiatives, and control framework enhancements.
Demonstrated experience delivering advisory engagements across one or more of the following areas:

+ Identifying and assessing operational risks across complex business processes, systems, and product lifecycles.
+ Designing, facilitating, and enhancing Risk \& Control Self\-Assessments (RCSAs/PRSAs), including methodology uplift, challenge, and regulatory alignment.
+ Developing and executing independent risk assessments, quality assurance reviews, and testing programs to meet regulatory and internal standards.
+ Reviewing and strengthening control monitoring frameworks, including identification of control design gaps and improvement opportunities.
+ Conducting targeted risk diagnostics to identify high\-risk areas requiring intervention, including independent vertical reviews and process testing.
+ Producing thematic risk analysis and executive\-level reporting that translates risk data into actionable insights on risk levels, emerging trends, and root causes.

Experience supporting operational risk tooling strategy, framework implementation, or large-scale risk transformation programs within financial services.
Strong understanding of financial services regulatory environments and supervisory expectations related to operational risk.
Proven ability to operate in a client-facing or stakeholder-intensive environment, demonstrating exceptional written, presentation, and communication skills, with experience delivering executive-ready materials and influencing senior leadership.
Experience within the financial services industry, either in-house or through consulting engagements.

ORMCM

Employment eligibility to work with American Express in

the UK

is required as the company will not pursue visa sponsorship for these positions.

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

Competitive base salaries
Bonus incentives
Support for financial-well-being and retirement
Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
Generous paid parental leave policies (depending on your location)
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

Similar Opportunities

About American Express

Visit Website

+ Identifying and assessing operational risks across complex business processes, systems, and product lifecycles. + Designing, facilitating, and enhancing Risk \& Control Self\-Assessments (RCSAs/PRSAs), including methodology uplift, challenge, and regulatory alignment. + Developing and executing independent risk assessments, quality assurance reviews, and testing programs to meet regulatory and internal standards. + Reviewing and strengthening control monitoring frameworks, including identification of control design gaps and improvement opportunities. + Conducting targeted risk diagnostics to identify high\-risk areas requiring intervention, including independent vertical reviews and process testing. + Producing thematic risk analysis and executive\-level reporting that translates risk data into actionable insights on risk levels, emerging trends, and root causes.