Job Purpose
Supports the delivery of HMMME's Enterprise Risk Management (ERM) programme through the hands-on execution of risk identification, assessment, monitoring and reporting activities. Maintains the enterprise risk register and Key Risk Indicators, works with risk owners across the business to track risk treatment plans, and prepares clear, accurate risk reporting for the Risk Manager, senior management and the Audit & Risk Committee (ARC).
Generic Accountabilities
Leadership and People Management
- Supports the Risk Manager in the day-to-day delivery of the ERM program and may guide or review the work of junior staff, contractors or interns where assigned.
- Provides coaching and knowledge transfer to first-line risk owners and workshop participants.
- Proactively proposes practical improvements to risk processes and tools and supports assigned strategic initiatives.
- Positively advocates change and a strong risk culture across the Company.
Collaboration
- Works across functions, including Internal Audit, Compliance, HSE, Finance and Project / Operations, to gather risk information and support a coordinated assurance approach.
- Shares knowledge and good practice within the Risk Team to enhance collective capability.
- Constructively engages peers and risk owners to keep risk information accurate and current.
- Leverages support from the wider Audit & Risk Department to minimize time spent on administrative activities.
Business Partnering
- Builds working relationships with risk owners across the business to keep abreast of operational developments and their impact on the risk profile.
- Develops relationships internally and externally to enable effective sharing of risk information.
- Supports the Risk Manager with departmental and ARC reporting, as required.
Budget Monitoring
- Operates within the Risk Function's expense budget and agrees any variation, including travel and consultant costs, with the Risk Manager in advance of incurring the expense.
Policies and Procedures
- Performs all activities in line with the ERM Policy, methodology and the Company's Delegation of Authority.
Authority and Decision Making
- Reports to the Risk Manager and refers strategic and critical matters to them.
- Refers decisions with a significant impact on the Function to the Risk Manager / Head of Audit & Risk for approval.
- Executes assigned risk assessments and engagements within the ERM plan, applying the approved methodology.
Job Specific Accountabilities
Risk Identification and Assessment
- Plans and executes risk identification and assessment activities, facilitating or co-facilitating risk workshops with risk owners and documenting risks, causes, consequences and controls.
- Applies the Company's risk scoring methodology consistently and prepares clear risk assessment outputs for the Risk Manager's review.
- Conducts assigned deep-dive assessments and scenario analysis on specific risk areas (e.g. supply chain and logistics, project delivery, compliance).
Risk Register and Monitoring
- Acts as day-to-day custodian of the enterprise risk register, ensuring entries are complete, accurate, current and properly owned.
- Maintains and monitors Key Risk Indicators (KRIs), collecting data, tracking thresholds and flagging breaches or adverse trends to the Risk Manager.
- Performs ongoing horizon scanning to identify emerging risks for escalation.
Risk Treatment Tracking
- Tracks risk treatment and mitigation action plans, following up with action owners, challenging revised due dates, escalating overdue actions and verifying the closure of completed actions.
Risk Reporting
- Prepares draft risk reports, heat maps, KRI dashboards and ARC materials for the Risk Manager's review, ensuring consistency of ratings and clear presentation of key messages.
- Supports the consolidation of risk information into enterprise-level themes.
Business Continuity Support
- Supports the Business Continuity Management (BCM) program (ISO 22301), including business impact analysis, plan maintenance and the coordination and documentation of continuity tests.
Insurance and Risk Transfer Support
- Supports the coordination of the corporate insurance program, helping to maintain asset / exposure data and liaising with the Risk Manager and brokers as required.
Risk Culture and Awareness
- Supports the delivery of risk training and awareness activities and helps embed risk ownership in the first line.
Job Requirements
- Bachelor's degree in any field (Finance, Engineering, Business or a related discipline preferred).
- A recognized risk certification such as CRMA, FRM, PRM, ISO 31000, or equivalent is preferred (CIA, CPA, ACCA, CFE an advantage).
Experience:
- Minimum of 5-7 years experience in risk management, internal audit or assurance role within a complex organization or a Big 4 firm, preferably with exposure to the automotive or manufacturing sector.