Position Overview
The Risk Management Specialist plays a strategic role in supporting the Enterprise Risk Management (ERM) function by identifying, assessing, monitoring, and mitigating risks across the organization, with a strong emphasis on insurance industry operations and regulatory requirements. This role supports enterprise-wide risk initiatives, third-party risk oversight, fraud prevention compliance, and regulatory reporting while partnering with business leaders to promote a risk-aware culture.
This position reports to the Director of Enterprise Risk Management.
Essential Elements
Third-Party Risk Management (TPRM)
-
Support execution and continuous improvement of the TPRM program.
-
Conduct pre-contract due diligence and ongoing vendor risk assessments.
-
Facilitate annual vendor reviews and ensure timely remediation of identified issues.
-
Administer and maintain vendor risk management systems/platforms.
-
Prepare monthly and quarterly vendor risk dashboards and reporting.
Vendor Inventory Management
-
Maintain accuracy and completeness of the vendor inventory database.
-
Ensure vendor records remain current and compliant with internal standards.
Special Investigations Unit (SIU) Coordination
-
Coordinate investigations of suspected fraudulent insurance claims.
-
Maintain accurate and detailed investigative documentation.
-
Ensure compliance with state anti-fraud regulations and reporting deadlines.
-
File required reports with state Departments of Insurance.
-
Coordinate annual and new hire fraud awareness training.
Enterprise Risk Management Support
-
Support enterprise risk assessments, risk identification, mitigation planning, and monitoring activities.
-
Maintain enterprise risk registers and supporting documentation.
-
Assist with control assessments and issue tracking.
Risk Reporting & Analytics
-
Develop and maintain dashboards, KRIs, and management reporting.
-
Analyze trends and emerging risks for leadership review.
Compliance & Regulatory Support
-
Assist with ORSA documentation and NAIC-related reporting.
-
Review SOC 1 reports and track Complementary User Entity Controls (CUECs).
-
Support internal and external audit requests as needed.
Continuous Improvement / Projects
-
Participate in cross-functional strategic initiatives.
-
Identify automation and process improvement opportunities across risk programs.
Requirements
Education
-
Bachelor’s degree in Risk Management, Finance, Accounting, Business, or related field required. Equivalent experience considered.
Experience
-
0-2 years of experience in enterprise risk management, internal audit, compliance, insurance operations, or related field preferred.
-
Experience with third-party risk management, vendor governance, or GRC systems strongly preferred.
-
Experience with insurance regulatory environments highly desirable.
Skills
-
Microsoft Excel, PowerPoint, Word (advanced proficiency preferred)
-
Experience with GRC platforms, vendor management tools, or data visualization tools (Power BI preferred)
-
Strong analytical and critical thinking skills
-
Excellent written and verbal communication
-
High attention to detail and organization
-
Ability to manage multiple priorities independently
-
Strong stakeholder relationship skills
Travel Required