Enterprise Risk Management (ERM) Analyst
SAFE Credit Union · Folsom, CA · 2 wk ago
Sales$110k–$120k/yrFull-time
POSITION PURPOSE
This position is responsible for supporting SAFE's Enterprise Risk Office. This position will be responsible for supporting the development, implementation, execution, and management of key programs the Enterprise Risk Management program, Business Continuity Management, Information Assurance, and Vendor Risk Management.
Essential Functions And Basic Duties
- Enterprise Risk Management
Support the development and execution of a comprehensive Enterprise Risk Management (ERM) program aligned with SAFE’s goals and risk appetite.
Assist in developing and refining ERM frameworks, methodologies, and tools to identify, assess, and mitigate risks across the enterprise.
Provide support in establishing and monitoring the risk appetite framework, ensuring its integration into strategic planning and decision-making processes.
Execute activities related to the risk appetite framework, including tracking risk levels, assessing exposures, and implementing risk mitigation strategies.
Collaborate with line-of-business teams and support functions to integrate the ERM operating framework throughout the organization.
Help develop ERM education materials to promote a risk-aware culture, educating SAFE employees about the importance of risk management and their roles in the process.
Support the implementation of a comprehensive Key Risk Indicator (KRI) framework, including identifying and defining critical indicators to monitor and assess organizational risks. - Business Continuity Management
Assist in the coordination of annual vendor management review process.
Complete other duties and special projects, assigned.
Assist in maintaining an effective business continuity program and assess the maturity levels of the program against goals.
Facilitate and coordinate the completion of the Business Impact Analysis review process.
Participate in developing and providing business continuity management awareness education to business partners.
Participate in the creation, coordination, facilitation, and communication of business continuity exercises, including but not limited to table-top exercises, simulation testing, and full-scale exercises.
Assist in evaluating the effectiveness of the disaster recovery planning and testing.
Manage and Control SAFE’s business continuity software. - Vendor Risk Management
Assist with third-party risk assessments and due diligence reviews for new and existing vendors, including evaluation of financial, operational, cybersecurity, compliance, and reputational risks.
Monitor vendor risk profiles and coordinate periodic reviews to ensure ongoing compliance with organizational policies, regulatory requirements, and risk appetite.
Analyze vendor documentation, including SOC reports, financial statements, business continuity plans, information security questionnaires, and insurance coverage.
Track and report third-party risk metrics, KRIs, assessment results, and remediation activities to management and risk committees.
Partner with business units, and Contract Administrator, Info Sec, Compliance, and other teams to identify, assess, mitigate and monitor third-party risks throughout the vendor lifecycle.
Support compliance with applicable regulatory guidance related to vendor management and third-party oversight, including NCUA requirements, by facilitating risk assessments, contract reviews, and documentation retention.
Qualifications
- Experience Required: Candidates should possess 3-5 years of relevant experience, or alternatively, equivalent education or risk management certification may be considered in lieu of experience.
- To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
- Required Knowledge: At least two years in a financial institution environment preferred.
- Skills/Abilities: Excellent verbal and written communication skills, excellent interpersonal, communication, and leadership skills, as success in this position depends on building rapport and credibility with multiple stakeholders across the organization, superior critical thinking and analytical skills, ability to research and interpret a variety of professional standards and regulatory guidelines for enterprise risk management areas, knowledgeable in major areas of credit union operations, and of the three lines of defense model, risk management principles, and Enterprise Risk Management (ERM) frameworks, ability to work independently, as well as part of department and project teams, must have strong prioritization skills and be able to multitask, proficient Excel skills.