Enterprise Risk Management (ERM) Analyst

About The Position

Requirements

• 4–6 years of experience in risk management, internal audit, or compliance, preferably within a health plan or managed care organization.
• Familiarity with CMS, HIPAA, NCQA, DHCS, and state insurance regulatory requirements.
• Bachelor’s degree in Business, Finance, Accounting, Risk Management, or Healthcare Administration
• Strong analytical and critical-thinking abilities; able to interpret and visualize data effectively.
• Advanced proficiency in Microsoft Excel; experience with Power BI, Tableau, or SQL a plus.
• Solid understanding of business process mapping and internal control frameworks.
• Strong written and verbal communication skills for both technical and executive audiences.
• Self-directed with proven ability to manage multiple tasks and deadlines in a regulated environment.
• Knowledge of COSO ERM, ISO 31000, and the Three Lines Model.

Nice To Haves

• Certified Internal Auditor (CIA)
• Certified Risk Management Assurance (CRMA)
• Associate in Risk Management (ARM)
• Certified in Healthcare Compliance (CHC)

Responsibilities

• Execute components of the ERM framework, including risk identification, assessment, and mitigation planning.
• Maintain and enhance the Enterprise Risk Register and Key Risk Indicator (KRI) dashboards.
• Lead or facilitate risk and control self-assessments (RCSA) with business units.
• Conduct trend and scenario analysis to identify emerging or systemic risks.
• Prepare concise risk summaries and presentations for senior leadership and risk committees.
• Perform operational and compliance control testing for key processes and risk areas.
• Lead or support internal audit engagements, including planning, fieldwork, and reporting.
• Develop, monitor, and validate corrective action plans (CAPs).
• Support readiness for external and regulatory audits (CMS, HIPAA, NCQA, DHCS, DOI, etc.).
• Maintain audit workpapers and ensure consistent documentation standards.
• Conduct ad-hoc risk, compliance, and performance analyses at the request of senior leaders or committees.
• Analyze operational and financial datasets to identify trends, control weaknesses, or potential compliance exposures.
• Develop visualizations and reports to support decision-making (using Excel, Power BI, or similar tools).
• Provide root cause analysis for audit findings, data quality issues, or process variances.
• Assist with benchmarking, loss event analysis, and incident trend monitoring to support enterprise reporting.
• Collaborate with Finance and Operations teams to align risk data with performance metrics and operational KPIs.
• Support development of management dashboards that integrate risk, audit, and compliance data sources.
• Partner with Compliance, Privacy, and IT Security teams to align risk oversight efforts.
• Contribute to process improvement initiatives and control optimization projects.
• Support risk education and awareness initiatives across business units.
• Other duties and projects not listed above