Director - Enterprise Risk Program

The Director of the Enterprise Risk Program within Internal Audit is responsible for developing, leading, and maintaining the company’s enterprise risk management (ERM) framework and integrating risk considerations into the internal audit function as well as Senior and Executive Leadership strategic decision making. This leader works closely with executive management, risk owners, and the audit committee to ensure a proactive, aligned, and strategic approach to identifying, assessing, and managing enterprise-level risks.ESSENTIAL DUTIES AND RESPONSIBILITIES ERM Framework & Governance:Lead the development and ongoing enhancement of the enterprise risk management (ERM) framework.Oversee the identification, assessment, prioritization, and monitoring of enterprise risks.Facilitate risk workshops and interviews with senior leadership to align strategic objectives with risk appetite and tolerance.Work across organization to strengthen governance processes to reduce risk.Integration with Internal Audit:Align the internal audit plan with the company’s top enterprise risks.Collaborate with audit leaders/teams to ensure risk-focused audit execution and reporting.Serve as a strategic advisor on risk issues uncovered during audits and offer remediation strategies.Risk Reporting & Communication:Prepare and present risk reports and dashboards to management and CAEMaintain and update the enterprise risk register and risk heat maps.Communicate risk insights to business units and serve as a trusted advisor for risk mitigation strategies.Cross-Functional Collaboration:Partner with compliance, legal, information security, finance, and other risk-related functions.Support risk ownership across the enterprise and promote a strong risk culture.Champion risk awareness and education across all levels of the organization.Establish key risk review groups / committees to monitor identified key risks (Ex: Sovereign Risks, Operational Risk, etc.)Regulatory & Industry Monitoring:Monitor changes in regulatory requirements and industry risk trends.Ensure compliance with regulatory expectations and best practices in ERM and internal audit.