Risk Analyst
Risk Identification & Assessment
Support enterprise-wide risk identification and assessment processes, including Risk and Control Self-Assessments (RCSAs), risk registers, and emerging risk identification.
Evaluate inherent and residual risks across key categories, including insurance, operational, financial, and strategic risks.
Maintain and enhance risk taxonomies aligned with NAIC and COSO ERM frameworks.
Participate in cross-functional engagements to support risk identification, assessment, and monitoring activities.
Contribute to the design, implementation, and ongoing improvement of the ERM framework.
Support the Own Risk and Solvency Assessment (ORSA) process, including documentation, reporting, and governance alignment.
Maintain ERM policies, standards, and procedures to ensure regulatory compliance and audit readiness.
Support governance activities, including preparation of materials and documentation for risk committees and working groups.
Collect, aggregate, and analyze risk data arising from risk assessments and business processes.
Support development and refinement of key risk indicators (KRIs) and risk metrics.
Perform research and analysis to support enterprise risk initiatives and emerging risk evaluations.
Capture and track risk events, near misses, and loss data to support risk trend analysis.
Maintain risk registers, KRIs, and risk appetite metrics.
Prepare risk reporting for senior management, risk committees, and the Board.
Track risk issues, control gaps, and remediation activities to support timely resolution.
Maintain ERM dashboards and support ongoing reporting and analytics initiatives.
Support regulatory and rating agency reporting, including ad hoc requests.
Partner with first- and second-line functions to evaluate control design and operating effectiveness.
Support the development and maintenance of standardized control libraries aligned with SOX, MAR, and NAIC expectations.
Identify control gaps and recommend practical, risk-based mitigation strategies.
Support regulatory exam readiness and response activities (e.g., state Department of Insurance examinations).
Monitor regulatory developments and assess impacts to the ERM framework.
Engage with underwriting, claims, actuarial, finance, IT, and legal & compliance teams to embed risk management practices.
Facilitate risk discussions, workshops, and training sessions as appropriate.
Qualifications
- Bachelor’s degree in risk management, finance, accounting, insurance, business, mathematics, or related field
- 2-5 years of experience in risk management, internal audit, compliance, or insurance operations
- Familiarity with insurance regulatory requirements, including NAIC guidance and ORSA
Preferred:
- Experience within a Property & Casualty insurance organization
- Working knowledge of enterprise risk management frameworks (COSO ERM, ISO 31000)
- Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC frameworks
- Progress toward or completion of professional certifications (ARM, CRM, CERA, etc.)