Director, Risk Management

Summit Federal Credit Union, Rochester, NY
$130,000 - $140,000, Onsite

About The Position

Under the general supervision of the Senior Vice President of Enterprise Risk Management, the primary function and responsibility of the Director of Risk Management is to oversee the Credit Union’s enterprise-wide risk assessment program, vendor management function and physical security role. This position manages a team of professionals in the development, implementation, and execution of various operational risk initiatives at the credit union. The Director of Risk Management assesses the implications of various legal, regulatory, or operational risks on credit union decisions. The Director performs all responsibilities in a manner that serves The Summit’s Mission and upholds the credit union’s values.

Requirements

  • Four-year degree with a major in Business, Criminal Justice, Accounting, or other related field.
  • A minimum of 10 years’ experience in a financial services organization, to include demonstrated leadership.
  • Senior manager with extensive experience in Enterprise Risk Management, governance, and regulatory oversight
  • Trusted advisor to executive leadership on risk appetite, strategy, and resilience
  • Proven leader in enterprise-wide risk program design and execution aligned to business objectives.
  • Deep knowledge of risk frameworks and regulatory standards (e.g., COSO ERM, ISO 31000)
  • Strong communicator recognized for translating complex risk into clear, actionable insights
  • Collaborative leader with a record of building high-performing, cross‑functional teams
  • Excellent leadership and communication skills
  • Understanding of credit union products and services
  • Excellent oral and written communication skills
  • Sound analytical skills and strong problem-solving skills
  • PC skills, including proficiency in Microsoft Word and Excel
  • Ability to work under tight time frames and on issues that can have a significant impact on The Summit
  • Ability to analyze data and make decisions or recommendations to Senior Leadership
  • Ability to manage multiple deliverables, as well as ad hoc projects. Establish appropriate expectations and subsequently deliver the final product as agreed upon.
  • Ability to manage multiple tasks
  • Ability to keep duties organized
  • Must be able to travel to various branches and the corporate office periodically or as needed to attend meetings
  • Subject to the compliance requirements of all related federal regulations, including but not limited to the Bank Secrecy Act (BSA), Anti-Money Laundering (AML), Information Security and Privacy policies and procedures. Employees complete annual BSA, AML, Information Security, Privacy and other job-related training requirements as established by The Summit and within deadlines.

Nice To Haves

  • Advanced degree and/or certification (Compliance, Risk Management, etc.) strongly preferred.
  • NCUA regulatory compliance experience preferred.

Responsibilities

  • Lead the design, implementation, and ongoing maturity of the enterprise risk management (ERM) framework aligned with the Credit Union’s strategic objectives and risk appetite.
  • Serve as a key advisor to senior leadership and the Risk Committee on risk exposures, emerging threats, and risk mitigation strategies.
  • Ensure compliance with applicable regulatory guidance (e.g., NCUA, state regulators) and industry best practices.
  • Coordinate cross‑functional risk activities with all departments including IT, Compliance, Fraud, Facilities, Human Resources, and Operations.
  • Oversee periodic enterprise‑wide risk assessments, including operational, strategic, compliance, reputational, and third‑party risks.
  • Monitor risk metrics, key risk indicators (KRIs), and reporting dashboards for exposure and control effectiveness.
  • Ensure timely escalation of material risks, control weaknesses, or incidents to senior leadership and the Risk Committee.
  • Oversee the Physical Security Officer in day‑to‑day direction and priority setting, ensuring alignment with organizational goals, while operating within a shared physical security governance model with Facilities, Information Security and Member Services.
  • Coordinate with other Credit Union stakeholders to ensure appropriate safeguards are in place for members, employees, and asset protection (e.g., access controls, alarms, surveillance, cash handling controls).
  • Oversee incident response, investigations, and post‑incident reviews related to robberies, break‑ins, workplace violence, or other security events.
  • Lead the third‑party risk management (TPRM) program, and maintain robust due diligence, onboarding, risk tiering, and ongoing monitoring standards for vendors and service providers.
  • Oversee the assessment of vendor controls related to security, business continuity, regulatory compliance, and financial stability.
  • Ensure contracts and service‑level agreements appropriately address risk, confidentiality, audit rights, and regulatory expectations.
  • Develop, maintain, and enforce risk management–related policies, standards, and procedures across the organization. Periodically test adherence to policies through reviews, assessments, and coordination with Internal Audit.
  • Communicate risk concepts in a practical, business‑focused manner that supports informed decision‑making.
  • Support risk education related to physical security awareness, vendor risks, and operational resilience.
  • Stay informed of regulatory changes, industry trends, and emerging threats relevant to credit unions.
  • Support regulatory examinations, audits, and remediation efforts related to risk management.
  • Coordinate with the Director of Compliance and Risk Management in the execution of the compliance testing program to validate the integrity of current policies and procedures pertaining to regulatory adherence.
  • Lead the vendor management function and supervise the ERM vendor management analyst in the execution of the vendor management program to provide for effective third-party risk management for the credit union.
  • Assist SVP of Enterprise Risk Management with the overall disaster recovery preparedness of the Credit Union. Oversee the coordination, testing and maintenance of the credit union’s business recovery plan as necessary.
  • Perform other tasks and duties as assigned.
  • Provide a positive example to all areas of the Credit Union through interactions with others.