As Senior Manager, Enterprise Risk Management you will play a crucial role in developing and implementing the organization’s Enterprise Risk Management (ERM) and Governance, Risk, and Compliance (GRC) strategies. This role involves identifying, assessing, and mitigating risks across the enterprise, leading risks associated with third-party vendors, and ensuring compliance with regulatory requirements. The ideal candidate will have a strong background in risk management, excellent analytical skills, and the ability to influence and collaborate with senior leadership. This position will coordinate with other key leaders in the company regarding risk management and play an integral role on the ERM Council, to assure alignment of the organization’s objectives with its management of strategic risks and key operational risks.
The Enterprise Risk Senior Manager will be responsible for rebuilding and implementing Hagerty’s Enterprise Risk Program, including conducting the annual risk assessment using Hagerty’s GRC Platform, establishing and leading the Risk Council, ensuring minimum risk compliance requirements are met, developing risk awareness training across the enterprise, and developing CEO and Board level reporting in collaboration with key leaders. Through this rebuild, this role will strengthen Hagerty’s risk management practices and ensure that a consistent framework is in place to systematically identify, measure, mitigate, report, monitor and lead the most significant strategic and key operational risks.
Ready to get in the driver’s seat? Join us!
What you’ll do
Develop and implement the organization’s ERM framework and strategy to align with the size and complexity of the enterprise
Develop and implement the organization’s ERM framework including establishing and leading the Enterprise Risk Council.
Develop and align risk management guidelines, standards, and policies to report operational and strategic risks, and to meet minimum compliance and regulatory requirements including insurance and non-insurance requirements
Conduct the annual risk assessment (Strategic, Operational, Financial, Technology and Compliance) to support identification of key risks and mitigation plans.
Ensure minimum regulatory requirements related to risk management are met per National Association of Insurance Commissioners, Security Exchange Commission, Bermuda Monetary Association and International Regulations.
Develop and maintain Executive Risk Management Scorecards and Risk Profiles in partnership with risk owners across the enterprise
Monitor and report on the effectiveness of risk management activities and risk reporting to the CEO Group and Audit Committee.
Provide guidance and support to business units on risk management best practices.
Foster a risk-aware culture across the organization through training and communication.
Develop the Governance, Risk and Control/Compliance (GRC) tool strategy for the organization, using the existing GRC platform or other opportunities
Develop and maintain enterprise risk reporting for the risk council, executive group and Audit Committee.
Develop key relationships with IT leaders responsible for IT Governance, Risk and Compliance to ensure coordination between ERM and IT Risk Management is operationalized
Stay on top of critical initiatives / implementations for risk identification, risk mitigation strategies and overall reporting
Develop and promote plans for risk mitigation for key strategic and operational risks
Coordinate reporting with key enterprise leaders responsible for leading core Committees (i.e., Information Security Council, TPRM, Data Governance, etc.) to ensure unified reporting occurs to the Risk Council and CEO Group.
Additional Duties:
Be a core contributor in developing and maintaining processes and risk management tools to facilitate enterprise risk discussions and to help the business define and measure success
Leverage knowledge of business, industry, and current market to provide input for strategic research
This might describe you
Four-year degree in Business or related field
Proven experience in Enterprise Risk Management and IT Risk Management
Consistent track record of building and implementing risk management frameworks and third-party risk strategies.
Excellent verbal and written communication skills
Ability to switch between work assignments quickly, and work under deadlines
Influence, educate and collaborate with senior leadership and cross-functional teams when building and developing risk programs
Operate with a supportive and responsive manner
Very strong analytical and critical-thinking skills, business acumen, research, and problem-solving abilities
Ability to collaborate with employees at all levels across the enterprise and in team settings
Ability to effectively prioritize and complete tasks in a fast-paced environment and emerging growth company
Experience in collaborating with and addressing executive teams, business management, and external teams
Ability to convey issues and ideas in both business-friendly and technical-friendly language
Ability to provide a financial assessment surrounding a risk is desirable (i.e., Enterprise Value Approach, FAIR methodology preferred)
Proficient in Microsoft Office (Word, Excel, Access, and Outlook)
Demonstrated knowledge of COSO ERM, ISO 32001 ERM, S&P ERM Framework and Third-party Risk Management subject areas
Knowledge of GRC platforms (i.e., HighBond/Diligent One, ServiceNow, AuditBoard)
Publicly traded company disciplines and regulatory knowledge (NYDFS, SEC, NAIC, BMA and international regulations)
Professional certification preferred: Certified in Risk and Information Systems Control (CRISC), CIA, CRMA, or related RIMS or ARM (Associate in Risk Management), or Third Party Risk Management Certification.
Other things to note
This role can be worked from any U.S. remote location.
Familiarity with public company requirements, including Sarbanes Oxley and key regulations, if applicable. For SOX compliant roles, responsible for designing, executing, and documenting internal controls where they have been identified as owners to prevent errors in financial reporting, processes, and business operations, including attestation to the completeness, accuracy, and compliance of all financial reporting data, where applicable.
Say hello to Hagerty
Hagerty is an automotive enthusiast brand and the world’s largest membership organization. Along with being a best-in-class provider of specialty insurance for enthusiasts, Hagerty is also home to the Hagerty Drivers Foundation, Garage + Social, Hagerty Drivers Club, Marketplace and so much more. Committed to saving driving for future generations, each and every thing Hagerty does is dedicated to the love of the automobile.
Hagerty is a rapidly growing company that values a winning culture. We provide meaningful work for and invest in every single team member.
At Hagerty, we share the road. We are an inclusive automotive community where all are welcomed, valued and belong regardless of race, gender, age, or car preference. We are united by our shared passion for driving, our commitment to preserve car culture for future generations and our desire to make a positive impact in the world.
If you reside in the following jurisdictions: Illinois, Colorado, California, District of Columbia, Hawaii, Maryland, Minnesota, Nevada, New York, or Jersey City, New Jersey, Cincinnati or Toledo, Ohio, Rhode Island, Vermont, Washington, British Columbia, Canada please email [email protected] for compensation, comprehensive benefits and the perks that set us apart.
EEO/AA
If you like wild growth and working with happy, enthusiastic over-achievers, you’ll enjoy your career with us!