VP, Head of Enterprise Risk Management (ERM)

About The Position

Requirements

• Bachelor’s degree required; advanced degree preferred (e.g., MS in Risk Management or related field).
• 12–15+ years of progressive experience in risk management, compliance, or related fields within financial services (credit union or banking experience strongly preferred).
• 10–15 years of experience in senior leadership roles.
• Deep knowledge of enterprise risk management frameworks (e.g., COSO ERM).
• Strong understanding of NCUA regulations and supervisory expectations.
• Demonstrated expertise in Risk Appetite Frameworks & KRIs, RCSA Programs & Enterprise Risk Assessments, and Risk Governance & Reporting.
• Strategic thinker with strong execution capabilities.
• Exceptional communication and relationship management skills.
• Proven ability to build and mature risk programs within a dynamic environment.
• Strong analytical, problem-solving, and decision-making capabilities.
• High integrity and sound judgment.

Nice To Haves

• advanced degree preferred (e.g., MS in Risk Management or related field)
• credit union or banking experience strongly preferred

Responsibilities

• Lead the development, implementation, and ongoing enhancement of a formal Enterprise Risk Management (ERM) framework aligned with regulatory expectations and industry standards (e.g., COSO ERM Framework).
• Establish a holistic risk management approach that integrates risk awareness into strategic planning and operational decision-making.
• Provide enterprise-wide oversight of risk identification, assessment, mitigation, and monitoring activities.
• Maintain oversight across all seven NCUA risk categories, including Credit Risk, Interest Rate Risk, Liquidity Risk, Operational Risk, Compliance Risk, Strategic Risk, and Reputation Risk.
• Ensure risks are effectively assessed, documented, and managed across all business units.
• Design and oversee the Enterprise Risk Assessment program to identify emerging and top organizational risks.
• Lead the implementation and ongoing enhancement of Risk and Control Self-Assessments (RCSA) across the organization.
• Ensure consistency, quality, and reliability of risk assessments across business lines.
• Partner with business leaders to strengthen control environments and risk mitigation strategies.
• Develop, refine, and maintain the organization’s Risk Appetite Framework, ensuring alignment with strategic objectives and board expectations.
• Establish and monitor KRIs and thresholds to proactively manage risk exposure.
• Provide actionable insights and early warning signals to executive leadership.
• Deliver comprehensive, timely, and insightful risk reporting to executive management.
• Establish strong risk governance structures, including policies, committees, and escalation protocols.
• Ensure transparency and clarity regarding risk exposure, trends, and emerging risks.
• Oversee the Compliance function, ensuring adherence to applicable laws, regulations, and regulatory guidance.
• Maintain strong regulatory relationships and support regulatory examinations and audits.
• Ensure integration of compliance risk into the broader ERM framework.
• Provide executive oversight of Business Continuity and Disaster Recovery programs.
• Ensure organizational resilience through robust continuity planning, testing, and response capabilities.
• Oversee crisis management frameworks and incident response coordination.
• Oversee the Third-Party/Vendor Risk Management program, ensuring appropriate due diligence, risk assessment, and ongoing monitoring.
• Ensure compliance with regulatory expectations related to third-party risk management.
• Evaluate concentration risk, critical vendor dependencies, and operational resilience risks.
• Serve as a key leader overseeing technology-related risks, including Cybersecurity Risk, Information Security, Data Privacy & Governance, and Cloud & Third-Party Technology Risks.
• Partner with IT and Information Security leadership to ensure robust risk identification and mitigation practices.
• Ensure compliance with relevant regulatory guidance and frameworks (e.g., FFIEC guidance, NCUA expectations).
• Translate complex technical risks into clear business and executive-level insights.
• Lead, mentor, and develop a multi-functional risk team spanning ERM, Compliance, Business Continuity Planning (BCP), and Vendor Risk Management.
• Foster a strong risk culture across the organization through training, communication, and leadership.
• Serve as a trusted advisor to executive leadership on all risk-related matters.
• Collaborate cross-functionally with Finance, IT, Internal Audit, and business units.

Benefits

• 401(k) and Employer Match
• Health, Vision, Dental and Life Insurance
• Annual Incentive/Bonus Program
• Tuition Reimbursement Program
• 11 Paid Holidays + Competitive PTO package
• Home & Consumer Loan Program (Discounted Rates)
• Professional development and training programs
• On-demand personal coaching resource
• Wellness Program (Discounted Gym Membership)