Head of Enterprise Risk Management

Job Summary:

The Head of Enterprise Risk Management (ERM) is responsible for designing, implementing, and advancing a comprehensive enterprise risk management framework that integrates risk intelligence into strategic planning, capital allocation, performance management, governance, and transformation initiatives.  Reporting to the Chief Risk Officer (CRO), the role provides enterprise-wide leadership, authority, and influence to establish consistent risk standards, enhance forward looking risk visibility, and support executive and Board decision making.

Job Responsibilities:

• Architect, implement, and mature the enterprise risk management framework aligned to strategy, capital, and performance objectives.
• Define and operationalize enterprise risk appetite and tolerances in collaboration with executive leadership and the Board; cascade into policies, incentives, performance management, and investment decisions.
• Establish and maintain enterprise‑wide risk governance, including a common risk language, taxonomy, and measurement standards.
• Develop an effective Three Lines of Defense model, delineating ownership and influence across risk‑related functions including capital management, operational risk, IT/Cyber, compliance, legal, internal audit, and business units.
• Lead recurring Enterprise Risk Assessments (ERAs) and materiality analyses; maintain an enterprise risk register capturing risk velocity, interdependencies, concentrations, and residual exposure.
• Implement key risk indicators (KRIs), early‑warning mechanisms, scenario analysis, stress testing, and emerging risk monitoring.
• Serve as an independent enterprise challenger to strategic decisions, capital deployment, and portfolio trade‑offs.
• Embed risk‑adjusted decision‑making into strategy development, M&A, capital planning, portfolio management, and large‑scale transformation initiatives.
• Partner with the Financial Planning & Analysis (FP&A) department and business leadership to integrate risk impacts into forecasts, plans, and resource allocation decisions.
• Ensure major programs and initiatives include defined risk gates, mitigation plans, and post‑implementation reviews.
• Oversee and strengthen operational risk management, including Risk and Control Self-Assessments (RCSAs), incident and loss event reporting, remediation tracking, and thematic analysis.
• Support enterprise resilience through Business Continuity, Disaster Recovery, and Crisis Management planning, simulations, and after‑action reviews.
• Enhance Third‑Party Risk Management, including due diligence, segmentation, ongoing monitoring, and exit planning using a tiered oversight approach.
• Develop enterprise risk data, analytics, and dashboards to provide timely insights, trend analysis, heatmaps, KRIs, and scenario outcomes.
• Establish effective executive and Board risk reporting cadences and automate reporting processes to improve timeliness and data quality.
• Provide input into ORSA, capital adequacy, emerging risk disclosures, and regulatory risk reporting as applicable.
• Build and sustain a strong enterprise risk culture through clear accountability, role‑based enablement, and leadership engagement.
• Lead, develop, and scale a high‑performing ERM team, including leveraging centers of excellence and embedded business risk champions.
• Provide strategic input to the CRO on segment strategies, risk appetite breaches, and aggregated enterprise risk and capital usage.

Job Qualifications:

• 12+ years of progressive experience in enterprise risk management, finance, strategy, or related leadership roles.
• 5+ years of senior people leadership experience.
• Bachelor’s degree in Finance, Risk Management, Accounting, Business, or a related discipline required; advanced degree preferred.
• Experience operating at the executive and Board level.
• Strong understanding of ERM frameworks, capital management, operational risk, governance, and enterprise transformation.
• Insurance or financial services industry experience preferred.

Licenses and Certifications: 

• Professional risk or finance certifications (e.g., CPA, CFA, FRM, CERA) preferred.

Behavioral Competencies:

• Collaborates
• Communicates Effectively
• Customer Focus
• Decision Quality
• Nimble Learning
• Builds Effective Teams
• Business Insight
• Develops Talent
• Directs Work
• Ensures Accountability
• Manages Complexity
• Drives Vision and Purpose
• Strategic Mindset

Technical Skills:

• Enterprise Risk Management
• Risk Appetite & Governance
• Scenario Analysis & Stress Testing
• Capital & Portfolio Risk
• Operational Risk Management
• Resilience & Crisis Management
• Third‑Party Risk Management
• Risk Data & Analytics
• Controls Assessment
• Stakeholder Management

This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.