Enterprise Risk Manager

SUMMARY

The Enterprise Risk Manager serves as the strategic leader driving Subaru of America's (SOA) enterprise risk management and business continuity framework, known as SOAR (Subaru's Enterprise Risk Program).

This role ensures that risk awareness, mitigation, and resilience are embedded across the organization-empowering SOA to anticipate challenges, respond to disruptions, and safeguard critical business operations.

MAJOR RESPONSIBILITIES


* Develops, implements, and manages enterprise risk management strategies and systems to ensure that Subaru's enterprise risk program, SOAR, is embedded and operationalized throughout Subaru of America (SOA).


* Develops, standardizes, implements, and maintains SOA's business continuity program to minimize disruption to employees, customers, and operations.

Trains and provides guidance to risk owners.

Coordinates plan integration and testing with SOA Crisis Communications and Information Technology (IT) teams and external suppliers.


* Maintains responsibility for the annual SOAR assessment which includes risks and opportunities identification, likelihood and impact scoring, and aggregating and evaluating mitigation strategies utilizing stakeholder interviews and industry insights.


* Prepares and presents updates on SOAR operations, risk register, heat map, dashboards, risk mitigation, and emerging exposures to SOA, affiliate and parent company leadership, and risk owners.


* Develops, maintains, improves, and tests business continuity plans using established standards and customized solutions across SOA's business operations, ensuring consistency and alignment with crisis management manual and incident response plans.

Stores plans in a central location.


* Partners with risk owners to ensure that appropriate action is being taken to proactively address and mitigate risks.


* Acts as a trusted advisor on risk issues, ensuring that current and emerging risks are properly identified, assessed, monitored, controlled, and reported.


* Coordinates with Risk Management, Compliance, Information Security, Legal, Corporate Communications, and/or Internal Audit on risks assessments and incident response.

ADDITIONAL RESPONSIBILITIES


* Monitors market trends, regulatory developments, and emerging risks to assess their potential impact on the SOA's risk profile.


* Drives continuous improvement via capturing lessons learned after actual events to review and revise incident response plans and implement efficiency/productivity improvements.

REQUIRED SKILLS & PERSONAL QUALIFICATIONS


* Bachelor's Degree in risk management, law, or related business area required.

Master's Degree Master of Legal Studies (MLS) or Juris Doctor (JD) preferred


* At least 6-8 years of direct experience in risk management, business continuity, compliance, and/or enterprise risk management required


* At least 2-4 years of experience with ISO 22301 preferred


* Excellent verbal and ...