Director of Enterprise Risk Management and Audit
Enterprise Risk Management | San Francisco, CA | Full Time | From $156,900 to $180,000 per year
Job Description
Who Are We?
San Francisco Federal Credit Union is a reputable financial institution dedicated to providing excellent services and support to our members. With a commitment to integrity and innovation, we strive to meet the diverse financial needs of our community.
With an "A" health rating and solid year-over-year growth, San Francisco Federal Credit Union’s (SFFedCU) membership is now over 43,000, with assets surpassing $1.4 billion and branches located in San Francisco and San Mateo County. Continuing along its highly successful growth trajectory, SFFedCU is seeking a Director of Enterprise Risk Management and Audit.
The Position
The Director of Enterprise Risk Management (ERM) will be responsible for developing, implementing, and maintaining the enterprise risk management framework. This role will ensure effective risk governance processes are in place, establish and monitor the risk appetite framework, oversee risk identification processes, and provide insightful risk reporting to senior leadership. Additionally, the role will focus on identifying and managing top and emerging risks.
This role also requires a strong, dynamic leader with sound knowledge of business management and deep knowledge of risk management and best practices. The Director will play a pivotal role in shaping the organization's risk management strategy, ensuring that risk considerations are integrated into business planning and decision-making processes. By providing strategic insights and recommendations, the Director will help drive the organization's risk management agenda, contributing to the achievement of business objectives and enhancing the overall risk culture. This role will also collaborate with various stakeholders and multidisciplinary teams to evaluate, recommend, and drive improvements to enterprise risk management practices and processes across the Credit Union. The Director will also promote and maintain the organization’s mission, values, and culture, work to maintain high employee engagement, and serve as a cultural champion for the Credit Union.
Responsibilities
Develop and maintain the Enterprise Risk Management framework, ensuring alignment with organizational objectives and regulatory requirements. Continuously improve enterprise risk management processes and methodologies.
Establish and monitor the risk appetite framework, ensuring it is integrated into strategic planning and decision-making processes. Execute activities supporting the risk appetite framework, including monitoring risk levels, assessing risk exposures, and implementing risk mitigation strategies to ensure alignment with board-approved risk appetite.
Lead the identification, assessment, and prioritization of enterprise risks. Develop and implement risk mitigation strategies and action plans. Oversee risk identification activities and processes that continuously identify threats and vulnerabilities, to determine the Credit Union’s enterprise risk profile. Develop and maintain a detailed enterprise-wide risk taxonomy.
Identify and monitor top and emerging risks that could impact the organization. Work with internal stakeholders to develop strategies to address these risks and ensure they are communicated to senior leadership and the board.
Continuously improve the Credit Union’s ability to identify, assess, prioritize, and mitigate risk throughout the organization and create recommendations on how to integrate controls as part of daily operations.
Develop risk management tools, practices, and policies to analyze and report enterprise risks, and to manage risks according to an enterprise risk management framework. Establish and maintain appropriate policies, standards, and procedures to support the enterprise risk management program.
Promote a culture of risk awareness through effective training, communication, and engagement with all levels of the organization. Lead initiatives to embed risk management principles into the organization’s culture, ensuring employees understand and embrace risk considerations in their daily activities.
Tactfully yet assertively challenge assumptions and perspectives on risks throughout the organization. Recommend improvements to policies, procedures, and practices to reduce costs, improve internal controls and/or drive efficiencies.
Engage with senior leadership and provide actionable insights and recommendations based on risk analysis.
Provide key inputs to risk oversight committees, including creating and updating risk management reports and presentations on the evaluation of the enterprise risk management program effectiveness, level and direction of risks, key and emerging risks, and status of previously identified risk and control issues. Participate in board, management, and committee meetings, as required.
Develop standardized metrics and reporting to enable continuous monitoring against program goals. Identify and implement improvements which support the overall maturity and growth of the enterprise risk management program. Prepare and deliver executive-level presentations.
Coordinate and collaborate with line of business and support functions (e.g., Operational Risk, Information Technology, Information Security, Legal, Compliance, Privacy, Physical Security, Finance, and Enterprise Project Management Office, among others) to integrate the enterprise risk management operating framework across all areas of the Credit Union.
Maintain current knowledge of enterprise risk management industry trends, best practices and techniques that can be practically applied at SFFedCU. Partner with external agencies and peer companies to coordinate information exchange and leverage best practices.
Perform other duties as required to support the enterprise risk management and audit programs and the business, such as developing ad-hoc analysis, performing deep dive investigations, or driving specific risk initiatives.
Develop and maintain an understanding of the pertinent regulatory requirements and risks inherent to job responsibilities; establish and maintain control activities that mitigate those risks consistent with the Credit Union’s risk appetite; and ensure operational integrity and compliance with applicable regulations.
Provide key inputs to audit oversight tracking and reporting, including creating and updating management reports and presentations on the evaluation of the audit effectiveness level.
Who Are You?
Bachelor's degree in Risk Management, Finance, Business Administration or related field.
At least 5 years of relevant experience in enterprise risk management in a financial institution or comparable experience. Experience developing and managing an enterprise risk management program is preferred.
Strong knowledge of enterprise risk management frameworks and governance models, methods, practices, and processes inclusive of risk identification, analysis, mitigation/control, communication, monitoring, reporting and escalation.
Strong, demonstrated knowledge of enterprise risk management methods with experience in development, management, and/or oversight of elements, such as program governance, risk assessment processes, and performance monitoring.
Demonstrated experience with regulatory agencies, requirements, and/or regulatory compliance. Ability to interface and build good working relationships with regulators/examiners.
Demonstrated ability to influence strategic direction by integrating risk management into business planning and decision-making processes.
Ability to promote a culture of risk awareness and embed risk management principles into the organization’s culture through effective training, communication, and engagement.
In-depth understanding of financial services and high degree of business acumen.
Strong analytical, problem-solving and workflow analysis skills, including demonstrated ability to quickly synthesize information from various sources, identify key points and issues, and strategize for solutions.
Ability to apply judgment around risk management and control frameworks and industry best practices and make sound risk/reward decisions using a balance of data, logic and intuition to inform critical business strategies and processes.
Proven strong leadership and mentorship skills, with experience in leading risk management initiatives and guiding a team to achieve organizational objectives; ability to negotiate, influence, organize, and motivate others. Demonstrated ability to build collaborative, cross-organization relationships, even in difficult situations.
Excellent communication (verbal, written and presentation) skills, including ability to convey complex situations and relationships concisely to management and executive level audiences, and/or non-technical stakeholders.
Strong organizational skills, with a high degree of initiative and ability to self-start and self-prioritize assignments and make timely and effective decisions.
Strong process facilitation, process management and improvement skills; ability to independently and effectively handle multiple priorities and deliver a quality result within tight deadlines.
Highly proficient in Microsoft Office Suite (Word, Excel, Visio, Outlook, PowerPoint). Experience with Governance, Risk, and Compliance (GRC) systems.
Solid work ethic and able to work effectively both independently and in a team.