Enterprise Risk and Controls Manager chez undefined

Position Summary 

We are seeking a highly skilled and proactive Enterprise Risk & Controls Manager to support the Enterprise Risk Management (ERM) function. This role is responsible for overseeing risk governance, policy and charter management, and supporting the Head of ERM in managing model risk, third-party risk management (TPRM), and non-financial risk activities. The ideal candidate will have a strong understanding of risk frameworks, excellent communication skills, and the ability to work cross-functionally with senior leadership and subject matter experts. 

Key Responsibilities 

Enterprise Risk Management (ERM) 

• Perform annual review and refresh of the ERM Program.
• Maintain the policy inventory and manage annual review/approval of policies and charters.
• Manage Risk Appetite Metrics providing thought leadership on results, thresholds, and reporting. 
• Perform holistic exam management, including evidence gathering and evaluation.
• Liaise between internal SMEs and external examiners.
• Set annual governance calendars.
• Manage Issues Management process, including Board reporting.
• Coordinate committee agendas, materials, and maintain minutes.
• Conduct substantive reviews of ERM reporting for escalation and improvement.
• Identify and propose governance process enhancements.

Model Risk Management 

• Manage Model Risk reporting. 
• Lead annual Model Risk Assessment, Model Attestation, and Tool Certification.
• Maintain model/tool inventory and perform risk reviews.
• Participate in internal risk reviews of models. 

Third-Party Risk Management (TPRM) 

• Conduct onboarding risk assessments and due diligence for new non-fintech vendors.
• Manage risk assessments for incumbent non-fintech vendors.
• Facilitate TPRM Committee meetings.
• Moderate onboarding risk assessments and oversee offboarding processes.
• Monitor performance questionnaires, expired insurance, and residual risk.
• Conduct onboarding risk assessments and due diligence for Fintech Partners.
• Manage risk assessments for incumbent Fintech Partners.
• Define and implement Fintech monitoring plans.
• Perform Second Line of Defense (2LoD) monitoring for Fintech Partners.

Non-Financial Risk 

• Provide updates on operational risk, model risk, and TPRM.
• Manage operational loss reporting, obtaining detailed information regarding losses and root causes. 
• Facilitate process risk assessments and Risk and Control Self-Assessments (RCSAs) coordinate second line of defense (2LoD) challenge of risk assessments, manage risk assessment reporting .
• Support business units in defining/documenting critical controls in the GRC tool.
• Assist with new product implementation through risk mapping and control readiness.

Required Knowledge, Skills, and Abilities 

• Bachelor’s degree or related experience and/or training; or the equivalent combination of education and experience. 
• 5+ years of third-party risk or banking risk management experience.
• Certified Regulatory Vendor Program Management certification or equivalent strongly desired, or ability to obtain.
• Experience in performing risk assessments and reporting aggregated results. 
• Experience in managing and/or assessing Fintech partner relationships. 
• Experience in managing and/or assessing traditional third-party relationships.
• Highly ethical with strict confidentiality.
• Positive attitude and proactive mindset.
• Strong decision-making and problem-solving skills.
• Flexible and adaptable to evolving functions.
• Exceptional written and verbal communication skills.
• Detail-oriented with the ability to manage multiple priorities in a fast-paced environment.
• Experience working with senior and executive-level management.
• Proven ability to map risks and controls within processes.
• Functional knowledge of risk management.
• Strong cross-functional collaboration skills.
• Highly efficient in Microsoft Office