Senior Manager, Enterprise Risk Management

Visa•Foster City, CA

12d•Hybrid

About The Position

The Enterprise Risk Management organization at Visa maintains the enterprise risk framework along with each of its taxonomies and plays the role of risk business partner to all the corporate functions. Risk Governance and Appetite: Lead the development, maintenance, and implementation of Visa’s ERM Foundation, including Policy, Risk Appetite Framework, and ERM methodologies aligned with industry best practices (COSO, OCC guidance, PFMIs). Perform ERM capability assessments and self-assessments to inform strategic priorities for Corporate Risk. Drive digitization and automation of risk processes, including enhancements to Visa’s GRC platform for enterprise risks and KRIs. Conduct external scans and maintain a repository of emerging risk management standards, regulatory guidance, and best practices. Support strategic initiatives in emerging risk areas such as Climate Risk and AI Governance. Operational Risk Management & Risk Assessment: Manage the Risk & Control Self-Assessment (RCSA) process for Global Substantive Compliance Areas (SCA) and newly acquired entities. Partner with process owners to identify risks, challenge control effectiveness, and implement mitigation strategies. Monitor risk profiles through Key Risk Indicators (KRIs) and other tools to enable early identification of trends. Provide training to program owners on operational risk concepts and lead workshops to embed risk awareness. Oversight & Reporting: Prepare reports, memos, and presentations for Senior Management and Governance Committees. Ensure readiness for regulatory exams, internal audits, and external reviews related to ERM and ORM frameworks. Maintain global inventory of risks, controls, and mitigation plans to proactively identify adverse trends. Culture & Education: Champion risk culture by building partnerships across the organization and delivering training sessions. Maintain and execute the annual corporate risk training calendar, including “train-the-trainer” programs for global/regional risk teams. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager. No relocation assistance will be provided for this position.

Requirements

8 or more years of relevant work experience with a Bachelor Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD
Strong understanding of ERM and ORM methodologies, including risk appetite, scoring, mitigation, and acceptance.
Hands-on experience applying risk management standards (COSO, PFMIs, OCC guidance).
Prior experience in a second line of defense role providing oversight and driving risk maturity.
Excellent communication, facilitation, and stakeholder engagement skills.
Proficiency in MS Word, Excel, Access, and PowerPoint.
Strong analytical and data management skills, including KRI development and risk reporting.
Proven ability to work independently and influence across a global, matrixed organization.

Nice To Haves

9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
Bachelor’s degree in Finance, Accounting, Business, Mathematics, or related field.
Experience in the payments industry or financial services.
Familiarity with GRC platforms (e.g., IBM OpenPages) and experience leveraging GenAI in risk management.

Responsibilities

Lead the development, maintenance, and implementation of Visa’s ERM Foundation, including Policy, Risk Appetite Framework, and ERM methodologies aligned with industry best practices (COSO, OCC guidance, PFMIs).
Perform ERM capability assessments and self-assessments to inform strategic priorities for Corporate Risk.
Drive digitization and automation of risk processes, including enhancements to Visa’s GRC platform for enterprise risks and KRIs.
Conduct external scans and maintain a repository of emerging risk management standards, regulatory guidance, and best practices.
Support strategic initiatives in emerging risk areas such as Climate Risk and AI Governance.
Manage the Risk & Control Self-Assessment (RCSA) process for Global Substantive Compliance Areas (SCA) and newly acquired entities.
Partner with process owners to identify risks, challenge control effectiveness, and implement mitigation strategies.
Monitor risk profiles through Key Risk Indicators (KRIs) and other tools to enable early identification of trends.
Provide training to program owners on operational risk concepts and lead workshops to embed risk awareness.
Prepare reports, memos, and presentations for Senior Management and Governance Committees.
Ensure readiness for regulatory exams, internal audits, and external reviews related to ERM and ORM frameworks.
Maintain global inventory of risks, controls, and mitigation plans to proactively identify adverse trends.
Champion risk culture by building partnerships across the organization and delivering training sessions.
Maintain and execute the annual corporate risk training calendar, including “train-the-trainer” programs for global/regional risk teams.