A

Senior ERM Specialist

Job Description - Senior ERM Specialist

The Role


As our Senior Enterprise Risk Specialist, you will be Archer's subject matter expert on enterprise-wide risk – designing, embedding, and continuously improving our ERM framework across a global GRC business. Reporting to the Director of Risk and Compliance, you will operate at the intersection of governance, commercial growth, sales enablement, and third-party risk, translating risk insight into strategic and commercial decisions.


This is a senior individual contributor role with significant cross-functional influence, suited to an experienced ERM practitioner who combines deep technical knowledge with commercial awareness — and who can move fluently between framework architecture, executive reporting, client-facing conversations, vendor assurance, and quantitative risk modelling.


What You’ll Do


Enterprise Risk Framework & Governance



  • Maintain and evolve the firm-wide Risk Management Framework (RMF), ensuring alignment with ISO 31000, COSO ERM, NIST RMF, and applicable global regulatory expectations (including DORA, EU AI Act, and CPS230).

  • Own the risk taxonomy, risk appetite framework, and tolerance thresholds; present annual refresh recommendations to the Risk Committee and coordinate quarterly risk reporting to the Risk Steering Committee.

  • Lead the annual RCSA programme and drive 3LoD integration across ERM, operational resilience, business continuity, internal audit, and compliance — eliminating duplication and strengthening assurance.

  • Build and run the Risk Academy: design and deliver risk training programmes that embed risk awareness across the business.


Governance & Policy



  • Support the Director of Risk and Compliance on risk governance structure, including committee architecture, escalation pathways, delegated authorities, and the Enterprise Policy Governance Framework.

  • Oversee the enterprise risk register and Key Risk Indicator (KRI) programme; partner with Information Security to surface risk themes from incident analysis and assess aggregate exposures across the enterprise risk register.


Sales Enablement & Commercial Partnering



  • Partner with Sales and Go-to-Market teams to embed risk-informed thinking into pursuit strategy, proposal responses, and client onboarding; act as risk SME on strategic deals.

  • Review RFP security and risk questionnaires and contractual risk clauses; advise on acceptable positions and escalation triggers; collaborate with Legal on agreement reviews.

  • Build a library of reusable risk content — playbooks, position papers, and control narratives — that accelerates deal velocity without diluting risk standards.


Third-Party Risk Management



  • Own the end-to-end third-party risk lifecycle: inherent risk tiering, due diligence, contractual safeguards, ongoing monitoring, and offboarding — coordinating across Procurement, Legal, InfoSec, and Privacy.

  • Maintain the concentration and Nth-party risk view; report systemic dependencies into the enterprise risk profile and drive remediation plans with vendor owners, escalating residual risk decisions in line with appetite.


What You Bring



  • Deep, hands-on experience in enterprise risk management, operational risk, or a closely related discipline, with a track record of operating at a senior level within global organisations.

  • Proven track record of implementing or evolving ERM frameworks, including risk appetite, governance structures, and risk registers.

  • Strong working knowledge of global regulatory frameworks relevant to a GRC software provider, including DORA, EU AI Act, GDPR, NIS2, ISO 31000, and COSO ERM.

  • Experience conducting third-party and vendor risk assessments and managing supplier risk programmes.

  • Demonstrated ability to produce executive-level risk reporting and present to senior governance committees.

  • Clear, confident communicator; able to translate complex risk concepts for non-specialist audiences and produce high-quality written outputs including board-level reporting.

  • Highly self-directed; comfortable delivering in a fast-paced environment with minimal oversight.


Even Better If You Have



  • Degree in a relevant discipline (e.g. Risk Management, Business, Law, Finance), IRM qualification (International Certificate or Diploma in ERM), or equivalent professional certification (e.g. CRISC).

  • Experience partnering with compliance functions to translate regulatory requirements into operational risk programmes.

  • Experience designing and delivering internal risk training or awareness programmes.

  • Familiarity with financial services regulatory frameworks such as Basel III/IV, Solvency II, or FCA/PRA requirements.

  • Experience in a GRC, SaaS, or technology-enabled services environment.

  • Exposure to quantitative risk modelling techniques.

Original job Senior ERM Specialist posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Senior ERM Specialist Jobs in the UK

GrabJobs is the no1 job portal in the UK, connecting you to thousands of jobs fast! Find the best jobs in the UK, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.