Job Summary:
We are seeking a highly skilled and motivated ERM Consultant to join our Enterprise Risk Management team. The successful candidate will support the identification, assessment, and mitigation of risks across the organization, providing actionable insights to strengthen our risk management framework and ensure alignment with regulatory, governance, and business objectives. The role requires a combination of technical ERM expertise, strong analytical capabilities, and stakeholder engagement skills.
Key Responsibilities:
- Conduct comprehensive risk identification, articulation, and assessment across business and IT processes using recognized ERM frameworks (COSO, ISO 31000).
- Analyze business processes, applications, and IT systems to identify potential risks, application controls gaps, and cybersecurity exposures.
- Establish new risk registers, update and maintain existing registers, and consolidate them into the corporate risk register, including dashboards and reports, using advanced Excel and relevant risk management tools.
- Collaborate with stakeholders to facilitate risk workshops, assess risk causes and existing controls, and recommend mitigation strategies.
- Develop, implement, and monitor risk treatment plans and controls, ensuring follow-up and accountability.
- Follow up with stakeholders on the implementation of mitigation plans and risk treatments on a regular basis to ensure effectiveness and timely completion.
- Prepare clear, insightful, and visually compelling presentations and reports.
- Support the ERM program by ensuring compliance with regulatory requirements, corporate governance standards, and internal policies.
- Participate in change management and risk-related initiatives, ensuring alignment with organizational objectives.
- Provide ongoing support and advice to business units to embed risk awareness and foster a risk-conscious culture.
Technical & Functional Skills:
- Total of 8 years’ experience, with at least 3–5 years in Enterprise Risk Management, ideally gained at a Big Four consulting firm.
- Strong expertise in ERM frameworks, risk assessment methodologies, and risk reporting.
- Advanced Excel skills for risk analysis, dashboards, and reporting.
- Solid knowledge of business processes, IT processes, application controls, general controls, and cybersecurity principles.
- Awareness of regulatory requirements, corporate governance standards, and compliance obligations.
- Familiarity with risk management software and GRC platforms.
Additional Competencies:
- Strong analytical and data interpretation skills, with the ability to provide actionable insights.
- Excellent stakeholder engagement, communication, and facilitation skills.
- Ability to brainstorm and design effective controls and mitigation strategies.
- Ability to work effectively under pressure, manage additional tasks assigned by line management, and remain dynamic, proactive, and adaptable in a fast-paced environment.
