Job Description:
Junior Risk Management & Controls Associate
(Remote Candidates will be considered)
Our Story and Our Purpose
National Digital Trust Company (In Organization) has received conditional approval from the Office of the Comptroller of the Currency to open as a federally chartered trust bank to provide a broad range of digital asset services.
We are building a specialized financial institution addressing the growing demand for digital asset services. Our primary business will focus on digital asset custody, providing secure, efficient custodial and fiduciary services for a variety of digital assets.
You will work with foundational systems and processes to help shape our operating model and influence how a new category of financial infrastructure comes to market.
We are looking for builders who handle complexity with confidence and tackle ambitious opportunities while keeping pace with this rapidly evolving industry.
Our Principles
Greatness is a mindset, not an accomplishment. Mediocrity is unacceptable. Excellence is contagious. We hire people because we believe in their greatness. Now is the time to prove us right.
Responsibility comes with the territory. Everyone is an owner, which means we share a common vision and mutual accountability. We act in line with our strategic objectives and the trust our customers place in us. We believe there is no such thing as "not my problem." Taking this level of ownership not only drives our collective success but also offers the potential for significant reward.
Innovation and adaptation are in our DNA. We are in a period of the most dramatic and rapid period of technological change in the history of humankind. Those that stay ahead will thrive, those that don't, won't. We innovate intelligently and thrive on overcoming challenges, to get (at least) a little better every day and ensure our continued growth and success.
Team first. We are reliable teammates working together toward extraordinary success through honesty and accountability. We believe collaboration knows no hierarchy, and we focus on what matters. We work toward consensus, but when necessary, we disagree and commit. We know that winners win.
Job Overview
The Junior Risk Management & Controls Associate is an early-career first line of defense professional within Operations, reporting to the Senior Risk Management & Controls Manager in the Office of the Chief Control Officer. The Associate is responsible for drafting and maintaining the first line's policies, procedures, frameworks, and standards; supporting the execution of Risk and Control Self-Assessments (RCSAs) at the process-owner level; and developing process maps with embedded risk and control annotations across key business processes.
Working under direct supervision, the Associate gains hands-on exposure to operational risk, regulatory expectations, and the realities of running controls inside live digital-asset banking processes. The role is a structured development pathway into more senior first-line risk and controls positions within the operations group.
Objectives
Policy, Procedure, Framework & Standard Drafting
• Draft, format, and maintain the first line's operational policies, procedures, frameworks, standards, work instructions, and desktop procedures in accordance with the bank's documentation standards and second-line framework requirements.
• Coordinate document review cycles with process owners, capture stakeholder feedback, manage version control, and prepare documents for approval by the Chief Control Officer and relevant governance forums.
• Maintain the first line's procedure library, ensure scheduled reviews are on track, and flag overdue or outdated documents for remediation.
• Translate second-line policies, regulatory guidance, audit findings, and risk events into clear, actionable language inside first-line procedures and work instructions.
RCSA Execution Support (First-Line Side)
• Support the planning and execution of RCSA workshops with first-line process owners, including scheduling, materials preparation, facilitation support, and minute-taking.
• Document inherent risks, existing controls, control effectiveness ratings, and residual risk in the bank's GRC platform per the methodology defined by the second line of defense.
• Track action items, control gaps, and remediation owners through closure; escalate aged items to the Senior Manager and the Chief Control Officer.
• Participate in calibration sessions and produce consolidated RCSA reporting for management and committees.
Process Mapping with Risk & Control Annotations
• Develop end-to-end process maps for key business processes (e.g., client onboarding, fiat and crypto deposits/withdrawals, custody operations, key ceremonies, payments and settlement, reconciliation, vendor management, complaint handling) using Microsoft Visio, Lucidchart, or comparable tooling.
• Annotate process maps with inherent risks, control points (preventive/detective, manual/automated), control owners, key data flows, and handoffs across the three lines of defense.
• Maintain a centralized repository of process maps with version history and a clear traceability link between process steps, risks in the risk register, and controls in the control library.
• Support process mining and process improvement initiatives by identifying control redundancy, control gaps, and opportunities for automation.
Issue, Action & Evidence Tracking
• Maintain the first line's issue and action tracker for risk events, RCSA gaps, second-line monitoring findings, internal audit findings, and regulatory observations.
• Support evidence collection, organization, and submission for first-line control testing, second-line monitoring & testing, and internal audit engagements.
• Prepare weekly and monthly status reports for the Senior Manager and the Chief Control Officer.
Reporting, Research & Continuous Learning
• Assist in preparing monthly and quarterly first-line risk and control reporting packages, board materials, and committee decks.
• Conduct horizon scanning on regulatory updates, enforcement actions, and industry events relevant to digital-asset banking; summarize potential implications for first-line procedures and controls.
• Build foundational knowledge of operational risk, financial-crime risk, third-party risk, technology and cyber risk, and digital-asset risk.
What you bring to NDTC
Required Qualifications
• Education: Bachelor's degree in Finance, Accounting, Economics, Risk Management, Business Administration, Information Systems, or a related discipline.
• Experience: 0–3 years of professional experience in operational risk, internal controls, internal audit, compliance, bankingoperations, consulting, or a relevant rotational program; internships count.
• Writing: Strong written communication — the ability to draft clear, concise procedures and to document business processes accurately.
• Discipline: Demonstrated organizational discipline: attention to detail, version-control habits, and reliable follow-through.
• Tools: Proficiency in Microsoft Word, Excel, PowerPoint, and at least one diagramming tool (Visio, Lucidchart, draw.io).
Preferred Qualifications
• Certifications: Coursework or certifications in progress: CRISC, CIA, CRMA, CAMS, CRCM, CFE, or CRM.
• GRC Tooling: Exposure to a GRC platform such as ServiceNow IRM, RSA Archer, MetricStream, OneTrust, or LogicGate.
• Frameworks: Familiarity with COSO Internal Control, COSO ERM, ISO 31000, or FFIEC examination handbooks.
• Curiosity: Genuine interest in digital assets, cryptocurrency, blockchain technology, and digital-asset banking.
Core Competencies
• Curiosity and a learning mindset —eager to ask why a control exists and how a process actually works.
• Professional written and verbal communication; ability to interview process owners and synthesize their answers.
• Collaboration and humility when working across the first, second, and third lines of defense.
• Discretion and integrity in handling confidential and sensitive information.
Career Development
• Structured mentorship from the Senior Risk Management & Controls Manager and the Chief Control Officer, with rotational exposure to specialty risk areas (financial crime, technology risk, third-party risk, digital-asset operations).
• Company support for one professional certification (exam fees, study materials, and study time) per year, subject to approval.
• Defined progression path to Risk & Controls Analyst Senior Analyst Manager within the first-line control organization.
We promote diversity of thought, culture, background, and experience. We are an equal opportunity employer, and employment at our company is based solely on one's merit and qualifications directly related to professional competence. We do not discriminate based on race, creed, color, ancestry, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, military or veteran status, or any other characteristics protected by law.
Featured benefits