Director, Enterprise Risk Management

Please reference the schedule and minimum qualifications listed below before applying.

If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at 801-366-6947 option 1 or email macurecruiting@macu.com and every reasonable effort will be made to accommodate your needs in a timely manner.

Job Summary

The Director of Enterprise Risk Management is an enterprise wide leader within Mountain America Credit Union’s Enterprise Risk Management (ERM) function, reporting to the Vice President of Enterprise and Operational Risk Management. The role is responsible for governing, executing, and advancing the ERM program to ensure enterprise risks are identified, assessed, monitored, and reported in alignment with strategic objectives and regulatory expectations.
As part of the second line of defense, the Director leads enterprise risk governance, risk appetite and key risk indicator (KRI) processes, emerging risk monitoring, and enterprise risk reporting. The role partners closely with Compliance, Internal Audit, Legal, Technology, and business leadership to ensure enterprise risks are visible, consistently applied, and effectively embedded in decision making across the organization.

Job Description

To be effective, an individual must be able to perform each essential duty successfully.

Essential Duties and Responsibilities

• Govern and execute the Enterprise Risk Management program, including the enterprise risk taxonomy, top‑down identification of enterprise risks, emerging risk monitoring, and enterprise‑level risk reporting.
• Establish and maintain effective enterprise risk governance, including committees, charters, operating models, cadence, and escalation practices to support consistent risk oversight and decision‑making.
• Manage the enterprise risk appetite framework, including periodic updates, supporting KRIs, thresholds, escalation criteria, and executive and Board‑level materials.
• Aggregate, analyze, and synthesize enterprise risk information across business units and second‑line functions to deliver clear, decision‑ready insights for senior leadership and governance forums.
• Design and oversee enterprise‑level risk assessment processes supporting strategic initiatives, new products, and material changes, enabling early risk identification and alignment with governance expectations.
• Lead the evolution of ERM capabilities, tools, and infrastructure, including GRC / Integrated Risk Management platforms, workflows, data quality, and reporting, in partnership with Technology and other stakeholders.
• Monitor regulatory and supervisory expectations related to enterprise risk management and serve as the primary point of contact for enterprise risk‑related examinations, coordinating planning, responses, and thematic issue tracking.
• Provide credible challenge and thought leadership by applying sound judgment, structured analysis, and an enterprise perspective to risk prioritization and decision support.
• Lead and develop the enterprise risk team, setting priorities, allocating work, and building capability to deliver consistent, high‑quality ERM outcomes through strong cross‑functional partnership.

Knowledge, Skills, and Abilities

The requirements listed are representative of the knowledge, skills, and abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.

Education and Experience

•  5+ years of leadership experience in a management role, overseeing risk management teams
• 8+ years of progressive experience in enterprise risk management, operational risk, compliance risk, audit, or related disciplines within financial services

• Bachelor’s degree in finance, economics, business, or a related field required (Master’s degree preferred or equivalent experience)
• Demonstrated experience operating enterprise‑level risk frameworks, including risk governance, risk appetite, KRIs, and enterprise risk reporting
• Experience working in a second line of defense role within a regulated financial institution
• Knowledge of GRC / Integrated Risk Management platforms, including risk analytics, dashboards, and reporting capabilities, with the ability to oversee and direct platform use and development (hands‑on experience preferred).

Licenses, Certifications, Registrations

• Preferred certifications include CUERME, CRM, CRCMP, or similar risk‑related credentials

Knowledge, Skills, and Abilities

• Enterprise risk management expertise, including governance practices, risk domains, and regulatory expectations (e.g., NCUA, FFIEC, CFPB)
• Advanced analytical skills to synthesize complex risk information, apply sound judgment in ambiguity, and produce decision‑ready narratives
• Executive‑level communication and influencing skills.
• Technology fluency related to GRC / IRM platforms, workflow enablement, data quality, and reporting automation
• Ability to lead and develop professional teams through coaching, prioritization, and capability building
• Ability to operate effectively in a second‑line role, balancing independence with collaboration across functions

Physical Abilities / Working Conditions

Physical Demands

Ability to sit, talk, and hear consistently.

Vision Requirements

• Close vision (clear vision at 20 inches or less)
• Distance vision (clear vision at 20 feet or more)
• Color vision (ability to identify and distinguish colors)

Weight Lifted or Force Exerted

Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally.

Environmental

Typical office environment; no unusual environmental factors.

Noise Environment

Moderate noise (business office with computers and printers, light traffic).

This job is not eligible to be performed in Colorado or Connecticut, either remotely or in person.

Mountain America Credit Union is an EEO/AA/ADA/Veterans employer.