Director, Enterprise Risk Management

Allegacy Federal Credit Union•Winston-Salem, NC

About The Position

At Allegacy, there’s a common thread that runs through all of us. It’s our commitment to doing right and our promise to members to always do the right thing for their wellbeing. Every employee in our organization is accountable to living out our brand in meaningful ways as our promise motivates our beliefs, our behaviors, and the benefits we share together. Reporting to the SVP of Risk and Compliance, the Director of Enterprise Risk Management (ERM) is responsible for the design, execution, and continuous enhancement of the Credit Union's enterprise risk management framework and for the aggregation, analysis, and communication of the organization’s risk profile. This role serves as a Second Line of Defense function, providing independent risk oversight, guidance, and reporting across the enterprise. The Director translates institutional and market intelligence into forward-looking risk insights and recommendations for Executive Leadership and the Board of Directors, supporting informed risk-taking and long-term safety and soundness. Operating as a department of one, this position combines strategic program ownership with direct execution of core ERM processes. The Director serves as a connector between enterprise risk and business leadership, ensuring risk considerations are embedded into strategic planning and execution.

Requirements

Analytical Excellence: Strong problem-solving, quantitative, and analytical modeling skills with the ability to communicate meaningful data to diverse audiences.
Strategic Vision: Deep knowledge of credit union operations and the ability to view risk through a strategic, institutional lens while remaining comfortable operating tactically as and when required.
Communication: Exceptional oral and written communication skills, including the ability to prepare executive-level reports and presentations.
Agility & Judgment: Demonstrated sound judgment, discretion, urgency and adaptability in complex or ambiguous risk situations, with the ability to balance strategic thinking and execution demands.
Technical Proficiency: Advanced knowledge of MS Office (Excel, PowerPoint, Word) and experience with directly leveraging ERM/GRC software or AI-driven tools like MS Copilot, to enhance risk insight and reporting efficiency.
Education: Bachelor’s degree in Economics, Finance, Accounting, Statistics, Data Science, Risk Management or a related quantitative field.
Experience: Progressive experience (minimum of 5 years) in risk management, internal audit, or business process improvement, ideally within a financial services environment, including roles requiring independent ownership and execution of risk management processes.

Nice To Haves

Certifications: Professional Risk Management (PRM), Enterprise Risk Management Designation, or similar certifications preferred.

Responsibilities

ERM Framework Optimization and Execution: Provide leadership over the ongoing evolution and effectiveness of the ERM framework, including the direct design, execution, maintenance, and documentation of enterprise risk assessments, risk inventories, and related ERM processes, ensuring alignment with the Credit Union’s strategic objectives and risk governance expectations.
Policy & Methodology: Establish, maintain and personally execute robust risk policies, procedures, and assessment methodologies that align with industry best practices. Maintain and monitor the Credit Union’s Risk Appetite Statement (RAS), including drafting, updating and facilitating management discussion, to ensure alignment between strategic risk-taking and operational limits.
Risk Culture Advocacy: Partner with Partner with senior leaders and business units to reinforce a strong, enterprise wide risk culture that balances growth, innovation, and prudent risk management including hands-on facilitation of risk workshops, education session and management discussions.
Organizational Resilience: Provide leadership and oversight for critical risk domains, including the corporate insurance portfolio, Business Continuity/Disaster Recovery (BCDR), Third Party Risk Management ensuring frameworks, testing, reporting, and documentation are executed effectively while reinforcing clear first line ownership.
Consultative Support: Serve as a risk advisor to departmental business units to identify, assess, and effectively mitigate risks specific to their operations, while directly supporting risk identification and assessment activities across the organization.
Collaborative Mitigation: Guide and collaborate with business leaders in the development of effective risk responses, including hands on development, tracking, and reporting of mitigation plans, ensuring alignment with risk appetite and strategic priorities.
Inter-Departmental Alignment: Partner with Internal Audit and Compliance to identify organizational risks and ensure a coordinated, "Three Lines of Defense" approach to risk management.
Independent Oversight: Provide independent oversight and constructive risk guidance to first-line risk owners while maintaining strong partnership across the organization.
Enterprise Reporting: Maintain and continuously improve Enterprise Risk Reporting, personally preparing management and Board-level risk materials, delivering actionable insights to senior leadership regarding identified or emerging risks.
Data Synthesis and Visualization: Assemble and summarize complex data sets using visualization tools to prepare high-level presentations for executive leadership, including direct development of dashboards, metrics and visualizations.
ERM Tools and Infrastructure: Oversee the strategic use and ongoing optimization of ERM technology and reporting tools, ensuring they effectively support enterprise risk insight rather than tool driven compliance.
Ad Hoc Analysis: Lead special projects and perform deep-dive quantitative analyses as requested by the SVP or executive leadership, including hands on research, modelling, and scenario analysis as appropriate.