Head of Enterprise Risk Management

Job Summary:

The Head of Enterprise Risk Management (ERM) is responsible for designing, implementing, and advancing a comprehensive enterprise risk management framework that integrates risk intelligence into strategic planning, capital allocation, performance management, governance, and transformation initiatives. Reporting to the Chief Risk Officer (CRO), the role provides enterprise-wide leadership, authority, and influence to establish consistent risk standards, enhance forward looking risk visibility, and support executive and Board decision making.

Job Responsibilities:

• Architect, implement, and mature the enterprise risk management framework aligned to strategy, capital, and performance objectives.
• Define and operationalize enterprise risk appetite and tolerances in collaboration with executive leadership and the Board; cascade into policies, incentives, performance management, and investment decisions.
• Establish and maintain enterprisewide risk governance, including a common risk language, taxonomy, and measurement standards.
• Develop an effective Three Lines of Defense model, delineating ownership and influence across riskrelated functions including capital management, operational risk, IT/Cyber, compliance, legal, internal audit, and business units.
• Lead recurring Enterprise Risk Assessments (ERAs) and materiality analyses; maintain an enterprise risk register capturing risk velocity, interdependencies, concentrations, and residual exposure.
• Implement key risk indicators (KRIs), earlywarning mechanisms, scenario analysis, stress testing, and emerging risk monitoring.
• Serve as an independent enterprise challenger to strategic decisions, capital deployment, and portfolio tradeoffs.
• Embed riskadjusted decisionmaking into strategy development, M&A, capital planning, portfolio management, and largescale transformation initiatives.
• Partner with the Financial Planning & Analysis (FP&A) department and business leadership to integrate risk impacts into forecasts, plans, and resource allocation decisions.
• Ensure major programs and initiatives include defined risk gates, mitigation plans, and postimplementation reviews.
• Oversee and strengthen operational risk management, including Risk and Control Self-Assessments (RCSAs), incident and loss event reporting, remediation tracking, and thematic analysis.
• Support enterprise resilience through Business Continuity, Disaster Recovery, and Crisis Management planning, simulations, and afteraction reviews.
• Enhance ThirdParty Risk Management, including due diligence, segmentation, ongoing monitoring, and exit planning using a tiered oversight approach.
• Develop enterprise risk data, analytics, and dashboards to provide timely insights, trend analysis, heatmaps, KRIs, and scenario outcomes.
• Establish effective executive and Board risk reporting cadences and automate reporting processes to improve timeliness and data quality.
• Provide input into ORSA, capital adequacy, emerging risk disclosures, and regulatory risk reporting as applicable.
• Build and sustain a strong enterprise risk culture through clear accountability, rolebased enablement, and leadership engagement.
• Lead, develop, and scale a highperforming ERM team, including leveraging centers of excellence and embedded business risk champions.
• Provide strategic input to the CRO on segment strategies, risk appetite breaches, and aggregated enterprise risk and capital usage.

Job Qualifications:

• 12+ years of progressive experience in enterprise risk management, finance, strategy, or related leadership roles.
• 5+ years of senior people leadership experience.
• Bachelor's degree in Finance, Risk Management, Accounting, Business, or a related discipline required; advanced degree preferred.
• Experience operating at the executive and Board level.
• Strong understanding of ERM frameworks, capital management, operational risk, governance, and enterprise transformation.
• Insurance or financial services industry experience preferred.

Licenses and Certifications:

• Professional risk or finance certifications (e.g., CPA, CFA, FRM, CERA) preferred.

Behavioral Competencies:

• Collaborates
• Communicates Effectively
• Customer Focus
• Decision Quality
• Nimble Learning
• Builds Effective Teams
• Business Insight
• Develops Talent
• Directs Work
• Ensures Accountability
• Manages Complexity
• Drives Vision and Purpose
• Strategic Mindset

Technical Skills:

• Enterprise Risk Management
• Risk Appetite & Governance
• Scenario Analysis & Stress Testing
• Capital & Portfolio Risk
• Operational Risk Management
• Resilience & Crisis Management
• ThirdParty Risk Management
• Risk Data & Analytics
• Controls Assessment
• Stakeholder Management

This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.