SVP Enterprise Risk Office

PenFed is hiring a (Hybrid) SVP Enterprise Risk Office at our Tysons, Virginia location. This role establishes PenFed Credit Union’s enterprise risk strategy and drives the design, implementation, integration and execution of the overarching Enterprise Risk Management framework and risk programs. This position plays a key role in championing a proactive risk-aware culture that balances robust risk governance with agile, resilient, and member-centric growth. Serving as a trusted risk advisor and strategic partner to the executive team and management and Board committees, this position oversees the Enterprise Risk Office to ensure independent, second-line effective challenge across Financial Risk (interest rate, liquidity, and capital), Capital Planning Stress Testing (CPST), Model Risk, Operational Risk, Data Governance, and emerging frontiers like AI. In addition, this leader manages second line engagement to ensure key business activities, technology transformation, and new strategic initiatives align with Board-approved risk appetites.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

• Chair and run the Enterprise Risk Management Committee (ERMC); participate as a voting member in the Credit Risk Committee, the Allowance for Credit Loss Committee, and the Asset and Liability Committee. 

• Model, evangelize and educate the organization regarding a proactive Risk culture across the entire Enterprise. 

• Establish and quantify the organization's risk appetite and recommend to the Board of Directors the amount of risk that the organization is able and willing to take on. 

• Establish, enhance and monitor Key Risk Indicators to ensure adherence to board-approved risk appetite; set appropriate risk acceptance levels across the Enterprise. 

• At all times provide informed expert, and independent second-line challenge of risks related to PenFed strategies, performance and decision-making.  

• Work with cross-functional business leaders to regularly identify key risks across all risk categories; assess risks based on impact and likelihood; quantify, aggregate, and prioritize risks; validate or challenge risk management strategies; and monitor/report on residual risk. 

• Ensure all policies, processes, procedures, tools, technology infrastructure and information systems within the Enterprise Risk Office are current, accurate, and performing as intended.

• Establish or refine new policies, procedure and risk limits as required to ensure the Enterprise’s continued safety, soundness and strategic resilience. 

• Advance predictive risk measurement capabilities across the enterprise, and formulate strategic action plans to help minimize, manage, and mitigate primary risks and then monitor the progress of these efforts. 

• Develop, analyze, monitor and communicate real time and data-driven risk intelligence via key risk indicators (KRIs), key performance indicators (KPIs), and risk tolerance limits. 

• Enhance and maintain Enterprise-wide Risk and Controls Self-Assessment program and risk inventories, ensuring appropriate risk reporting for stakeholders including employees, executives, Board of Directors and regulators. 

• Ensure that risk management priorities are fully integrated into PenFed's strategic priorities and financial plans. 

• Work with First-Line controls teams to evaluate enterprise operational risks across business and technology domains which might disrupt or affect business processes and ensure appropriate remediation actions.

• Issue findings as appropriate to BUs outside of policy or risk appetite tolerances; collaborate across all 3LOD to improve Findings and Issues Management tracking, monitoring and resolution. 

• Lead the Enterprise Risk Office’s engagement in Enterprise CPST exercise as a primary second line challenger.   

• Interact with regulators on all aspects of risk management at PenFed across all 7 NCUA risk categories. 

• Provide quarterly Board updates on Enterprise Risk Programs, Key Risk Indicators, and emerging risk trends. 

• Develop budgets for risk-related requirements and projects and supervise their funding. 

• Conduct risk assurance and due diligence on behalf of the organization for new or expanded activities and initiatives, including but limited to mergers and acquisitions. 

• Develop, assign and regularly update training related to ERM purpose, functions and authorities and purpose, functions and authorities of other business areas involved in understanding and mitigating risk; identify SME presentations to augment as appropriate.   

• Coordinate and provide information requested from business units related to risk and/or specific organizational projects. 

• Identify, analyze and report emerging risks and trends that may impact PenFed and present treatment strategies. 

• In conjunction with Chief Compliance Officer, provide guidance and report on all key regulatory changes that impact PenFed’s risk landscape. 

• Evaluate strong risk methodologies, practices, and tools to effectively manage risks in both upside and downside scenarios, supporting the achievement of strategic business objectives. 

• Present recommendations for improving risk management capabilities and practices to the Executive Team, ERMC, and Financial Risk Management Committee, as appropriate. 

• Helps safeguard PenFed’s computer and IT systems by monitoring staff adherence of all security policies and related training for individuals managed by this role. Take appropriate action working with IT Security and HR when necessary to address any security breaches. 

*This role is responsible for ensuring business continuity.*

Equivalent combination of education and experience is considered.

• Bachelor’s degree in business or a related field with sufficient experience is required. 

• Twenty (20) years of management experience, with five (5) years serving in a VP or SVP role in the financial industry with direct management experience.  

• Minimum of 5 years leading a risk function in a regulated financial institution +$15B in assets.

• Familiarity with and implementation of robust financial risk frameworks and operational risk management programs; experience working with third line of defense staff.  

• Multi-year experience with model risk management at first- or second-line level. 

• Familiarity with regulatory requirements for Credit Union risk management. 

• Experience with Archer preferred experience with other risk and control tracking and management software welcome. 

• Direct management of cross-functional, sourced, or matrixed teams.  

• Experience working with Financial Industry regulators.  

• Experience working with Board of Director's. 

• Strong verbal and written communication skills with the ability to articulate complex technical ideas in easy-to-understand business terms.  

• Ability to accomplish results through others, particularly by establishing relationships and functioning controls; ability to provide leadership without ownership.  

• Experience in using A.I. tools preferred. 

Supervisory Responsibility

This position will supervise employees. 

Licenses and Certifications

CFA (CFA Institute) FRM (GARP); PRM (PRMIA); CRMP (RIMS) or other equivalent is highly desirable.

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

*Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.*

Travel

Ability to travel to various worksites and be on-call is required.

#LI-Hybrid