Enterprise Risk Manager at Kuda Bank

The Role

• We are seeking an experienced Enterprise Risk Manager to oversee the development and execution of our organization's enterprise risk management (ERM) framework.
• The Enterprise Risk Manager will be responsible for implementing robust risk management practices to identify, assess, monitor, and report on key risks across the organization.
• This critical leadership role will partner with senior management and the Board of Directors to provide strategic insights on risk exposures and risk mitigation strategies.
• The ideal candidate will be an expert in designing risk programs and possess strong analytical abilities to derive meaningful findings from risk data.
• An influential leader, the Enterprise Risk Officer will collaborate cross-functionally to institute a risk-aware culture throughout the company.

Responsibilities

• Develop, execute, and continuously improve the organization's Enterprise Risk Management (ERM) strategy, framework, policies, and procedures to align with industry best practices.
• Build an organization-wide culture of effective risk management, accountability, and demonstration of risk awareness across the organization.
• Oversee the identification, documentation, analysis, prioritization, monitoring, and reporting of key strategic, operational, financial, compliance, cyber, third-party, and emerging risks through qualitative and quantitative risk assessments. Maintain risk register.
• Lead the annual Enterprise-Wide Risk Assessment (EWRA) process from end to end, including facilitating risk interviews, surveys, and workshops with stakeholders, compiling risk inventory, analyzing risk data, and developing risk profiles. Synthesize findings into an EWRA report detailing top risks and recommendations for senior management and the Board of Directors.
• Advise the organization on strategic risk forecasting and provide recommendations to transfer, accept, or mitigate strategic risk.
• Design and implement risk management tools, templates, and training programs to build risk management capabilities across the organization. Conduct training sessions to enhance risk awareness among employees.
• Develop a risk-based internal audit plan focused on high-risk areas and over time, expand audit coverage. Provide guidance to internal auditors on risk assessment methodology and documentation.
• Establish and produce risk reporting for key stakeholders including risk dashboards, risk reports, materials for quarterly Risk Committee meetings, and annual disclosures.
• Lead the Third Party Risk Management program leveraging a risk-based approach to assess and monitor vendors and partners. Maintain vendor risk register. Collaborate cross-functionally with Finance, Legal, IT, Security, and Product on vendor due diligence, contract negotiation, and ongoing monitoring.
• Partner with the information security team on cyber risk management initiatives. Incorporate cyber risks into the ERM framework and reporting.
• Develop business continuity and resilience plans based on business impact analyses and risk assessments. Coordinate annual testing of plans through tabletop exercises and drills. Lead crisis response in the event of a disruption, managing incident response team.
• Continuously monitor industry trends and developments related to risk management standards and regulations. Enhance ERM processes to align with regulations and best practices.
• Work with the departments to hire, manage, and develop team of risk professionals. Set goals and development plans. Foster an engaging team culture.

Requirements

•  7-10+ years experience developing and implementing ERM programs, with prior management experience
• Expert knowledge of leading risk management frameworks including COSO, ISO 31000, RIMS Risk Maturity Model, and NACD Risk Oversight Guidelines
• Proficiency in qualitative and quantitative risk assessment methodologies
• Strong analytical and critical thinking skills to derive insights from risk data across diverse risk areas 
• Excellent verbal and written communication as well as presentation skills. Able to distill complex risk concepts for broad audiences.
• Detail-oriented project management and organizational skills to manage multiple priorities
• Bachelor's degree required, Master's degree preferred. Relevant risk certification such as CRISC, CISA, or FRM strongly preferred.
• Prior experience in financial services, technology, or consulting industries a plus