The Senior Director, Risk Management is responsible for the development, implementation and coordination of a centralized first-line of defense (LOD1) risk and internal control program for one or more Early Warning business lines. This role is designed to ensure risk programs and controls are implemented consistently and operating effectively across business lines as it relates to all risk types including strategic, operational, compliance and financial, and to drive that consistency in risk management practices throughout the business. The role will be required to align with Enterprise Risk Management leadership around the structure of the Three Lines of Defense (3LOD) Program.
- Build, lead and drive the business line’s centralized LOD1 function, including strategic vision and implementation plans, acting as business-line liaison to Enterprise Risk Management, Operational Risk Management, and Compliance in support of the company’s 3LOD program.
- Drive a culture of risk management and risk management ownership through the business and enterprise, assisting business leaders in assuming appropriate risk management accountabilities and responsibilities.
- Work with Compliance and other Risk functions to understand and monitor applicable regulations and requirements, assess business impact and drive appropriate projects and processes to address needed changes.
- Lead first line risk management activities such as the execution of Risk and Control Self Assessments.
- Partner with Business Continuity Management on business’ participation in BC/DR tests, and own and maintain required process and technical recovery plans.
- Oversee and monitor the business-lines’ third-party relationships, including both performance and risk management.
- Lead the business-line in the design and build of process maps in alignment with Early Warning’s Process Classification Framework. Own and maintain business-lines’ process inventory and internal control environment inventory.
- Understand the aggregate and cascading risks in the business; design, maintain, and report metrics (KPIs and KRIs) demonstrating control effectiveness.
- Identify and self-report issues through the ERM Self-Identified Issue Process, individually and together with other LOD1 business-line members
- Direct the first line’s testing and monitoring of controls by risk owners; ensure risk remediation plans exist and are sufficient for all gaps and issues; track remediation plans to completion and ensure remediation is on-time and sustainable;
- Develop and drive periodic executive level reporting regarding business risk management activities, working closely with business-line leadership Develop, in alignment with ERM, a 1st LOD risk management governance framework across the business lines to support decision making and escalation regarding risks that may not be consistent with the business’ risk tolerance
- Deliver education and awareness of risk ownership essentials.
- Continually monitor and update assessments of the control environment, keeping abreast of significant control issues, trends and developments.
- Lead a team of risk professionals and provide leadership to first line risk leaders in other business lines
- Support the company’s commitment to protect the integrity and confidentiality of systems and data.
- Bachelor’s degree in Business Administration, Finance, Accounting or other related field of specialty.
- Minimum of ten (10) or more years of financial services industry experience; minimum of seven (7) or more years of experience within a three-lines of defense program.
- Demonstrated experience working in multiple risk disciplines including but not limited to technology, security, product, regulatory and compliance, third party, reputation, competitive, or other risk categories.
- Demonstrated success leading risk functions in a 3LOD environment.
- Strong influencing skills and the ability to lead in a matrixed environment.
- Demonstrated ability to work effectively in a complex, highly regulated environment.
- Excellent problem solver with effective change management skills
- Working knowledge of regulatory requirements specific to the business-lines.
- Excellent communication, organization and interpersonal skills, with demonstrated ability to collaborate and build trust in business partners.
- Experience interacting with executive management
The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow instructions and perform other related duties as assigned by their supervisor.
- Knowledge of COSO’s Internal Control – Integrated Framework, or similar
- Risk management, internal control, or internal audit certification(s)
- Experience in payments products, consumer facing financial businesses, or similar.