Enterprise Risk Management Manager (hybrid)

JOB TITLE: Manager, Enterprise Risk Management

REPORTS TO (Title): Director, Internal Audit

Purpose of Role

The Enterprise Risk Management (ERM) Manager plays an instrumental role in maturing and maintaining client’s ERM program. Reporting to the Director, Internal Audit and ERM, this role contributes to client’s risk management program by conducting risk assessments, validating processes and controls, quantifying risk exposure, developing risk mitigation plans, and reporting on key risk metrics and mitigation status. The ERM Manager will maintain the ERM framework including risk taxonomy, risk assessment criteria, risk repository, ERM policy and procedures, and the GRC platform. The ERM Manager will drive cross-functional collaboration at all levels of the Institute to facilitate the growth of the ERM program.

Accountabilities & Responsibilities

1. Risk Governance & Framework

• Enhance and mature the Institute’s risk management program, including risk management policies, procedures, and methodologies.
• Collaborate with other departments and functions to present a consolidated and coordinated representation of major risks and themes to senior leaders.
• Facilitate knowledge sharing across the Institute to establish and mature risk management practices and awareness.

2. Risk Identification, Assessment, & Management

• Identify risks affecting the Institute’s operations across departments and various risk types, including developing a risk library through interviews and surveys of key stakeholders complemented by research of industry trends, emerging risks, and regulatory and industry-level developments.
• Assess identified risks and classify by risk priority using the Institute’s risk assessment criteria and other considerations.
• Assist with developing risk mitigation plans for prioritized risks and collaborate with stakeholders to validate and implement the plans. Perform periodic reassessments or validation of risk mitigation to determine whether the plans are operating as designed or require adjustment.
• Perform risk assurance procedures validating mitigation activities and progress to completion.
• Perform special projects, including custom risk assessments of various new and emerging risk areas for the Institute and requests from senior leadership.

3. Risk Reporting & Communication

• Create clear and thoughtful reports detailing risk assessment results tailored to the relevant audience and effectively present the reports to senior leaders or others.
• Build accountability and awareness for risk mitigation among risk owners and other stakeholders through a balance of a common understanding of risks, their impact on various departments and the Institute’s mission, and alignment of risk mitigation to business objectives.
• Own risk reporting and documentation processes within the Risks Management module of the Institute’s GRC platform. Maintain the features and enhance reporting processes using resources from the software provider and industry best practices.

Who You Are

Technical

• Bachelor’s degree in Risk Management, Business, Finance, or a related field is required.
• 5-7 years of related risk management experience is required.
• 1 year of experience leading or supervising staff.
• Certifications in risk management preferred, including Certification in Risk Management Assurance (CRMA) or Certified Internal Auditor (CIA).
• Advanced understanding of risk management processes and frameworks.
• Knowledge of established best practice ERM frameworks such as COSO and ISO 31000 with an ability to practically implement it tailored to the company.
• Experience working with GRC tools and reporting software.
• Strong computer skills utilizing Microsoft Office Suite (e.g. MS Work, Excel, Visio, and PowerPoint).

Relational

• Outstanding communication skills, including written and verbal communication, interpersonal, analytical, and problem-solving skills.
• Demonstrated experience establishing regular and collaborative engagement across the organization with key risk stakeholders to drive risk awareness and transparency.
• Confident and effective communicator who has experience interacting with stakeholders from all levels of an organization, including executive leadership.
• Ability to influence stakeholders throughout the Institute to take meaningful action to address key risks identified in a thoughtful, collaborative, and professional manner.

Business Acumen

• Ability to apply analytical and critical thinking skills to draw meaningful conclusions and prepare accurate reports of results.
• Process improvement, advisory, and continuous learning mindset.

Results Orientation

• Results-oriented and has a broad set of risk management skills and experiences including risk assessment, risk mitigation and monitoring, process improvement and risk assurance while operating successfully in a multi-stakeholder environment.
• An individual contributor role that collaborates with other stakeholders across the company and consistently drives risk mitigation projects forward.
• Strong project management skills, self-starter with the ability to work independently and see tasks/projects through to completion, meet or exceed deadlines, and escalate issues, when needed.

Job Type: Full-time

Pay: $128,000.00 - $167,000.00 per year

Schedule:

• 8 hour shift
• Monday to Friday

Work Location: In person

Salary : $128,000 - $167,000