Director - Enterprise Risk Management

TITLE: DIRECTOR - ENTERPRISE RISK MANAGEMENT
STATUS: EXEMPT
REPORTS TO: VP - ENTERPRISE RISK OFFICER
DEPARTMENT: ENTERPRISE RISK MANAGEMENT
JOB CODE: 11811

PAY RANGE: $156,900.00 - $180,000.00 ANNUALLY

 

GENERAL DESCRIPTION:

 

The Director, Enterprise Risk Management (ERM) will be responsible for developing, implementing, and maintaining the enterprise risk management framework. This role will ensure effective risk governance processes are in place, establish and monitor the risk appetite framework, oversee risk identification processes, and provide insightful risk reporting to senior leadership. Additionally, the role will focus on identifying and managing top and emerging risks.

This role requires a strong, dynamic leader with sound knowledge of business management, and deep knowledge of risk management and best practices. This role will play a pivotal role in shaping the organization's risk management strategy, ensuring that risk considerations are integrated into business planning and decision-making processes. By providing strategic insights and recommendations, the Director will help drive the organization's risk management agenda, contributing to the achievement of business objectives and enhancing the overall risk culture.

The Director will collaborate with various stakeholders and multidisciplinary teams to evaluate, recommend, and drive improvements to enterprise risk management practices and processes across the Credit Union.

TASKS, DUTIES, FUNCTIONS:

 

1. Develop and maintain the Enterprise Risk Management framework, ensuring alignment with organizational objectives and regulatory requirements. Continuously improve enterprise risk management processes and methodologies.

 

2. Establish and monitor the risk appetite framework, ensuring it is integrated into strategic planning and decision-making processes. Execute activities supporting the risk appetite framework, including monitoring risk levels, assessing risk exposures, and implementing risk mitigation strategies to ensure alignment with board-approved risk appetite.
3. Lead the identification, assessment, and prioritization of enterprise risks. Develop and implement risk mitigation strategies and action plans. Oversee risk identification activities and processes that continuously identify threats and vulnerabilities, to determine the Credit Union’s enterprise risk profile. Develop and maintain a detailed enterprise-wide risk taxonomy.
4. Identify and monitor top and emerging risks that could impact the organization. Work with internal stakeholders to develop strategies to address these risks and ensure they are communicated to senior leadership and the board.
5. Continuously improve the Credit Union’s ability to identify, assess, prioritize, and mitigate risk throughout the organization and create recommendations on how to integrate controls as part of daily operations.
6. Develop risk management tools, practices, and policies to analyze and report enterprise risks, and to manage risks according to an enterprise risk management framework. Establish and maintain appropriate policies, standards, and procedures to support the enterprise risk management program.
7. Promote a culture of risk awareness through effective training, communication, and engagement with all levels of the organization. Lead initiatives to embed risk management principles into the organization’s culture, ensuring employees understand and embrace risk considerations in their daily activities.
8. Tactfully yet assertively challenge assumptions and perspectives on risks throughout the organization. Recommend improvements to policies, procedures, and practices to reduce costs, improve internal controls and/or drive efficiencies.
9. Engage with senior leadership and provide actionable insights and recommendations based on risk analysis.
10. Provide key inputs to risk oversight committees, including creating and updating risk management reports and presentations on the evaluation of the enterprise risk management program effectiveness, level and direction of risks, key and emerging risks, and status of previously identified risk and control issues. Participate in board, management, and committee meetings, as required.
11. Develop standardized metrics and reporting to enable continuous monitoring against program goals. Identify and implement improvements which support the overall maturity and growth of the enterprise risk management program. Prepare and deliver executive-level presentations.
12. Coordinate and collaborate with line of business and support functions (e.g., Operational Risk, Information Technology, Information Security, Legal, Compliance, Privacy, Physical Security, and Finance, Enterprise Project Management Office, among others), to integrate the enterprise risk management operating framework across all areas of the credit union.
13. Maintain current knowledge of enterprise risk management industry trends, best practices and techniques that can be practically applied at Golden 1. Partner with external agencies and peer companies to coordinate information exchange and leverage best practices.
14. Perform other duties as required to support the enterprise risk management program and the business, such as developing ad-hoc analysis, performing deep dive investigations, or driving specific risk initiatives.
15. Develop and maintain an understanding of the pertinent regulatory requirements and risks inherent to job responsibilities, establish, and maintain control activities that mitigate those risks consistent with the Credit Union’s risk appetite, and ensure operational integrity and compliance with applicable regulations.

 

PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:

 

1.  Effective oral and written communication skills required to interact with credit union staff, management, and all member channels.

2.  Must possess sufficient manual dexterity to skillfully operate an on-line computer terminal and other standard office equipment, such as financial calculators, personal computer, facsimile machine and telephone.

 

ORGANIZATIONAL CONTACTS & RELATIONSHIPS:

 

1.  INTERNAL: All levels of staff and management.

 

2.  EXTERNAL: Volunteers, external auditors, regulators/examiners, professional   and community organizations and others, as needed.

 

QUALIFICATIONS:

 

1.  EDUCATION: Bachelor’s degree in Risk Management, Finance. Business Administration, or related field.

 

2.  EXPERIENCE:

• At least 10 years of relevant experience in enterprise risk management in a financial institution or comparable experience. Experience developing and managing a enterprise risk management program is strongly preferred.

 

3.  KNOWLEDGE/SKILLS:

 

•    Strong knowledge of enterprise risk management frameworks and governance models, methods, practices, and processes inclusive of risk identification, analysis, mitigation/control, communication, monitoring, reporting and escalation.

 

•    Strong, demonstrated knowledge of enterprise risk management methods with experience in development, management, and/or oversight of elements, such as program governance, risk assessment processes, and performance monitoring.

 

•    Demonstrated experience with regulatory agencies, requirements, and/or regulatory compliance. Ability to interface and build good working relationships with regulators/examiners.

 

•    Demonstrated ability to influence strategic direction by integrating risk management into business planning and decision-making processes.

 

•    Ability to promote a culture of risk awareness and embed risk management principles into the organization’s culture through effective training, communication, and engagement.

 

•    In-depth understanding of financial services and high degree of business acumen.

 

•    Strong analytical, problem-solving and workflow analysis skills, including demonstrated ability to quickly synthesize information from various sources, identifying key points and issues and strategize for solutions.

 

•    Ability to apply judgment around risk management and control frameworks and industry best practices and make sound risk/reward decisions using a balance of data, logic and intuition to inform critical business strategies and processes.

 

•    Proven strong leadership and mentorship skills, with experience in leading risk management initiatives and guiding team to achieve organizational objectives; ability to negotiate, influence, organize, and motive others. Demonstrated ability to build collaborative, cross-organization relationships, even in difficult situations.

 

•    Excellent communication (verbal, written and presentation) skills, including ability to convey complex situations and relationships concisely to management and executive level audiences, and/or non-technical stakeholders.

 

•    Strong organizational skills, with a high degree of initiative and ability to self-start and self-prioritize assignments and make timely and effective decisions.

 

•    Strong process facilitation, process management and improvement skills; ability to independently and effectively handle multiple priorities and deliver a quality result within tight deadlines.

 

•    Highly proficient in Microsoft Office Suite (Word, Excel, Visio, Outlook, PowerPoint). Experience with Governance, Risk, and Compliance (GRC) systems.

 

•    Solid work ethic and able to work effectively both independently and in a team.

 

PHYSICAL REQUIREMENTS:

 

1.  Prolonged sitting throughout the workday with occasional mobility required.

 

2.  Corrected vision within the normal range.

 

3.  Hearing within normal range.  A device to enhance hearing will be provided if needed.

 

4.  Ability to lift 15 lbs. as may be required.

 

5.  Occasional movements throughout the department daily to interact with staff, accomplish tasks, etc.

 

6.  Unusually long or inconsistent hours may be required to accomplish tasks.

 

7.  Travel may be needed to accomplish tasks. Overnight travel is sometimes necessary. Occasional weekend and evening schedules required.

 

LICENSES/CERTIFICATIONS:

 

Professional certification in enterprise risk management preferred.

 

#LI-Hybrid

 

THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY DUTIES TO BE PERFORMED BY THIS EMPLOYEE.  HE OR SHE WILL BE REQUIRED TO FOLLOW OTHER INSTRUCTIONS AND TO PERFORM OTHER DUTIES REQUESTED BY HIS OR HER SUPERVISOR THAT ARE WITHIN HIS / HER KNOWLEDGE, SKILL AND ABILITY AS WELL AS HIS / HER MENTAL AND PHYSICAL ABILITIES.

 

REV. 2/13/2025