The Director of Risk Management will be responsible for overseeing and managing the company's risk management programs, including SOX (Sarbanes-Oxley) and MAR (Model Audit Rule) compliance, internal audit, and Enterprise Risk Management (ERM). This role involves developing and implementing strategies to identify, assess, and mitigate risks, as well as ensuring compliance with regulatory requirements. The Director of Risk Management will work closely with senior management and various departments to promote a culture of risk awareness and effective risk management practices.
Key Responsibilities:
- Lead the company's ERM, SOX and MAR compliance efforts, ensuring adherence to regulatory requirements.
- Develop and maintain documentation of internal controls and processes.
- Coordinate and oversee ERM/SOX/MAR testing and remediation activities.
- Collaborate with external auditors to facilitate the annual SOX audit.
- Develop and execute a comprehensive internal audit plan.
- Conduct risk-based audits to evaluate the effectiveness of internal controls and compliance with policies and regulations.
- Prepare audit reports and present findings to senior management and the Audit and Risk Committee.
- Follow up on audit recommendations to ensure timely and effective remediation.
- Perform annual risk assessments to identify and evaluate enterprise-level risks.
- Develop and implement risk management strategies and frameworks.
- Organize and facilitate risk committees to monitor and manage risks across various domains, including Technology, Regulatory & Compliance, and Operations.
- Implement and manage the Third Party Risk Management program.
- Build and lead a high-performing risk management team.
- Provide coaching and development opportunities for team members.
- Promote a culture of risk awareness and continuous improvement within the organization.
- Work closely with senior management to ensure alignment of risk management activities with organizational objectives.
- Communicate risk management strategies and initiatives to stakeholders.
- Develop and deliver training programs on risk management practices and principles.
Qualifications:
- Bachelor's degree in Accounting, Finance, Business Administration, or a related field. Advanced degree preferred.
- Professional certifications such as CPA, CIA, CISA, or equivalent.
- Minimum of 10 years of experience in risk management, internal audit, and SOX compliance, with at least 5 years in a leadership role.
- Strong knowledge of risk management frameworks and regulatory requirements (e.g., SOX, MAR).
- Experience in developing and implementing risk management strategies and frameworks.
- Proven track record of leading and managing high-performing teams.
- Excellent communication and interpersonal skills, with the ability to interact effectively with senior management and stakeholders.
- Strong analytical and problem-solving skills, with the ability to make sound decisions based on data and risk assessments.
- Proficiency in risk management software and tools (e.g., Coupa, AuditBoard).
Preferred Qualifications:
- Experience in the healthcare or financial services industry.
- Knowledge of Agile Internal Audit practices and Dynamic Risk Assessment methodologies.
- Familiarity with data analytics and artificial intelligence in risk management.