Director, Enterprise & Operational Risk

Location: VA Vienna - Headquarters

Full/Part Time: Full-Time

Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

• Military Times 2021 Best for Vets Employers
• WayUp Top 100 Internship Programs
• Forbes® 2022 The Best Employers for New Grads
• Forbes® America's Best Employers
• Newsweek Top 100 Most Loved Workplaces
• Fortune Best Workplaces for Women
• Fortune 100 Best Companies to Work For®
• Computerworld® Best Places to Work in IT

Basic Purpose

Lead a GRC program for the Second Line of Defense Risk specialists and act as a thought leader working across the enterprise to develop and implement GRC-enabled enterprise risk management practices, components, and framework. Partner with business units to drive GRC adoption, operational and strategic direction to improve the overall GRC program, risk governance, and reporting in accordance with risk management standards by the three lines of defense. Develop, implement, and manage GRC Management processes to enhance effectiveness and ensure alignment with key enterprise objectives and corporate strategy.


• Leverages prior experience to provide advice regarding process rationalizing, transformation, and process improvement opportunities
• Drives the creation and adoption of future business architecture
• 10+ years of experience in enterprise GRC management plus substantial of interrelated control functions including audit, compliance, SOX, and technology risk.
• Extensive experience managing complex GRC programs involving interconnected systems and processes, with a focus on regulatory and insurance industry requirements and standards
• Identifies business and functional requirements for the GRC solutions
• Performs process risk and impact assessments of change requests and works with Technical Architect to review technical design
• Responsible for coordinating UAT for changes to the GRC solutions
• Participates in triage of change requests to determine approval levels required based on guiding principles for change management process
• Understand enterprise risk management (ERM) methodologies, procedures, and framework to drive consistency in analyzing, reporting, and governing enterprise risks
• Engage with first line of defense (1LOD) business units and other risk partners to support execution of enterprise GRC features and functionality. 
• Work with 1LOD partners to analyze other risk processes and practices that impact the overall risk posture
• Provide guidance and support as a subject matter expert: assist business units with developing organizational GRC capabilities and increasing value through effective risk management
• Partner with business and support areas to ensure GRC risk management processes are effective and representative of best practices
• Use analytical skills to conduct GRC process improvement, design & drive process excellence and optimization efforts to mature the program
• Contribute to development and evolution of Navy Federal’s risk appetite framework, including KRI/KPI reporting and governance. 
• Maintain a strong understanding of risk management methodologies and frameworks to drive enterprise-wide adoption of the common taxonomies.
• Understand how business processes, risks, controls, regulations, and other objects are implemented in the GRC system and develop plans to incorporate changes related to process, data and organizational hierarchies, collaborating with GRC Tech Architect.
• Work with internal stakeholders across the business to identify, assess, report, track, and remediate risks and support the development of risk mitigation strategies.
• Own, maintain, and periodically update policies, standards, procedures, exceptions, and other governance documents related to GRC program.
• Serve on teams and task groups for key risk initiatives across the organization
• Lead and support development of enterprise-wide training to drive awareness and a culture of GRC
• Manage and maintain inventory of significant program risks and monitor associated action plans
• Provide materials for the Enterprise Risk Management Committee and other committees as needed
• Perform supervisory/managerial responsibilities
 • Set direction to ensure goals and objectives align with corporate and division strategy
 • Select key personnel; oversee talent development and ensure skilled staffing
 • Develop, mentor, and counsel staff
 • Establish performance goals and priorities
 • Prepare, conduct, and review performance appraisals
 • Contribute to Annual Financial Plan (AFP) process
 • Ensure efficiency of operations
• Perform other duties as assigned

Qualifications and Education Requirements

• Bachelor’s degree in related field or the equivalent combination of experience, education, and training
• Expert knowledge of enterprise and operational risk management
• Expert in process mapping, risk taxonomy, risk monitoring and reporting relevant risk areas and ERM and Operations Risk Management
• Superior organizational, planning, and time management skills
• Strong skill influencing and building consensus with business partners
• Strong interpersonal, verbal, and written communication skills
• Extensive experience developing and delivering presentations to executive management
• Extensive experience managing multiple priorities independently and/or in a team environment to achieve goals
• Extensive experience managing and leading professional employees, consultants, and contractors 
• Advanced thought leadership providing vision and strategic thinking on decisions/issues
• Advanced skill in constructive criticism, feedback, and solutions to drive desired performance and achieve goals
• Advanced knowledge and understanding of strategic elements involving financial, operational, technical, and regulatory environments
• Advanced analytical thinking skills to include summarizing information and clearly identifying key patterns, outcomes, and relationships of business processes and functions
• Advanced skill exercising initiative and using good judgment to make sound decisions
• Ability to adapt and use new technologies and advanced word processing, spreadsheet, and data querying skills 

Desired Qualifications and Education Requirements

• Master’s degree or other advanced degree in a related field, or the equivalent combination of training, education, and experience
• Risk management or other similar certification
• PMP certification
• Preferred certifications - CISA and/or CRISC, along with functional administrator certification on the GRC Platform
• Advanced knowledge of Navy Federal’s functions, philosophy, operations, and organizational objectives
• Experience with credit union financials and/or NCUA regulations

Hours: Monday - Friday, 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna, VA 22180

Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and onboarding process.

Salary Range: $134,300 - $189,500 annually

Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability

COVID-19 Safety Protocols

All employees are expected to follow our COVID-19 safety protocols.


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.