Executive Head - ERM and Ops Risk, Johannesburg

THE JOB AT A GLANCE

The Executive Head: ERM and Ops Risk provides strategic leadership in the development, implementation, and maintenance of enterprise-wide risk management, operational and business risk frameworks, including the Own Risk & Solvency Assessment framework. This role is part of the second line of defence (2LOD) and is crucial in shaping the company’s Enterprise-wide Risk Management (ERM), Internal Controls, Operational and Business Risk Management Frameworks.

WHAT YOU WILL DO

Strategic Leadership

• Contribute towards the development of the departmental strategy and annual performance plan
• Prepare the annual budget for the area of responsibility in accordance with financial policy and procedures
• Develop and execute the enterprise risk management framework and strategy aligned with the overall company strategy, objectives and risk appetite
• Lead the integration of risk management considerations into strategic planning and business decision-making processes
• Establish and enhance risk taxonomy and governance structures that enable effective risk governance and oversight
• Drive innovation in risk management methodologies and technologies to enhance organizational resilience, including business continuity
• Champion and implement the Own Risk & Solvency Assessment framework at RMA
• Champion and implement the Combined Assurance Model at RMA
• Champion and implement the Internal Controls Framework
• Serve as a trusted advisor to the Board, Group Risk and Audit Committees, Actuarial & Risk Advisory Board and Executive Management on all risk-related matters.
• Deputises for the Chief Risk Officer on all enterprise-wide and operational risk management matters.

Risk Framework Management

• Build a robust Enterprise Risk Management (ERM) infrastructure by strengthening the methodologies, systems, and tools, creating committees and working groups across leadership, and improving the depth of information resources and internal/external relationships
• Design, implement, and maintain comprehensive ERM, Internal Controls and Operational Risk Frameworks in line with best practice approaches that aligns with regulatory requirements and industry standards
• Organize and facilitate workshops for process mapping of key business processes, the identification and assessment of inherent business risks and controls
• Lead the development and/or reviews of risk appetite statements and corresponding tolerance and threshold levels, make recommendations or escalations, including performance indicators/ metrics
• Oversee and challenge of the business' adherence to risk appetite for operational risks, ensuring the process is owned by relevant First Line teams
• Proactively engage the Risk Champions to monitor and report the risks, build tools & processes, drive risk informed decision making and enhance risk informed execution
• Embed existing, new and/or updated ERM principles and capabilities across the company with the aim of ensuring consistent application of risk methodologies and building up “a risk culture” across all business units
• Lead enterprise-wide initiatives to strengthen operational resilience
• Provide training to First Line risk champions, raising awareness of the ERM and Operational Frameworks processes applicable to staff
• Review and challenge to operational change projects via Steering Committee membership or undertaking project risk reviews
• Lead enterprise-wide initiatives to strengthen operational resilience
• Develop and deploy an internal control framework for management of all material risks, including outsourcing risk, and provide oversight, monitoring and challenge to the First Line to ensure no degradation in the outsourced service performance that may result in material risk
• Act as second line of defence to ensure the business continuity plan remains fit for purpose and participate in the tests to ensure the control environment is appropriate
• Advise the Group Risk and Audit Committees on changes and enhancements to be made to the Frameworks to ensure they remain market-leading and aligned to the company's overall strategy and objectives
• Drive continuous improvement of risk management process, tools and systems by conducting a gap-analysis or maturity assessment regularly (at least annually) to provide input towards the development and maintenance of risk management frameworks, policies, strategies, standards and guidelines (incl., Guidance Notes and Checklists).

Risk Mitigation and Control

• Develop a clear vision and roadmap to deliver on the mandate and value by developing practices and advises management and the Board on the effectiveness of the company’s overall control environment in non-financial matters such as risk prevention and value creation
• Oversee the risk events, challenge First Line risk champions and risk owners on remediation and resolution of risk events, escalating issues and concerns as required
• Influence and monitor progress of action plans to improve the risk and control environment arising from risk assessments, risk monitoring, internal and external audits and regulatory inspections
• Facilitate or support scenario analysis or simulation exercises to assess the potential impact of risks and vulnerabilities and the businesses' ability to respond thereto
• Oversee and assess the adequacy and effectiveness of the Material Controls
• Contribute to the identification and development of business areas' risk control and self-assessments
• In conjunction with risk-owners, participate in control self-assessment and track implementation of action points for control weaknesses
• Directs Group-wide resiliency efforts and Business Continuity Management (BCM) planning to ensure that the company has appropriate measures in place to continue operations in the event of a range of disaster scenarios
• Drives all facets of BCM processes and initiatives and readiness testing. Serves as the second line of defence responsible for resiliency risk and guides the co-ordination of the company’s response to a crisis, in an effective, timely manner
• Define and establish a risk-based approach to address key TPRM related risks and oversee its implementation and on-going monitoring
• Ensure Comprehensive Mitigation Action Planning
• Monitor and report the progress of Mitigation Action Plans
• Act as the subject matter expert within the Corporate Governance functions for Operational Risk Management.

Regulatory Compliance & Reporting

• Report the Enterprise-Wide Risk profile to Executive Management, Board, Audit and Risk Committees; highlighting key risk indicators, ongoing risk management efforts, and recommendations for improvement
• Ensure compliance with all relevant regulatory requirements related to enterprise and operational risk
• Oversee the development of comprehensive risk reports for the Board, Audit and Risk Committees, Actuarial and Risk Advisory Board, Exco and regulatory authorities
• Lead regulatory engagements and examinations related to risk management
• Stay abreast of evolving regulatory expectations and industry standards to ensure alignment
• Provide timely analysis and expertise on risk issues by presenting data and information in a meaningful format to be actioned and to support decision making.

People Leadership & Capability Development

• Build and lead high-performing risk management teams, thereby ensuring that high standards are maintained with a positive team culture and morale and ensuring that team members are trained and developed to meet the needs of their role and career aspirations
• Deliver effective performance development for any direct reports
• Develop and implement succession plans for critical risk management roles across the enterprise
• Foster a strong risk culture through training, awareness, and business change management initiatives
• Mentor and coach risk professionals to enhance their capabilities and performance
• Promote diversity, inclusion, and employee well-being within the risk function
• Stand-in for as well as perform duties as delegated from time-to-time by Group Chief Risk Officer.

Stakeholder Management

• Develop and maintain effective relationships with key internal and external stakeholders, performing the role as a 'critical friend' to help the business optimise its risk management activities
• Collaborate with business units to embed risk management practices across the operations
• Engage with industry bodies, regulators, and peer organizations to exchange knowledge and best practices
• Lead communications on risk matters to ensure organizational awareness and understanding
• Influence strategic decisions by ensuring adequate consideration of risk perspectives.

WHAT YOU WILL GET IN RETURN

We offer great opportunities for personal and professional development in a stable company that is 132 years strong. The role comes with a competitive salary package and various benefits. Furthermore, you will be part of a dedicated group of colleagues who value teamwork and collaboration.

Turnaround time

The shortlisting process will only start once the advert due date has been reached. The time taken to complete this process will depend on how far you progress within the recruitment process and the availability of our managers. Kindly note that should you not receive a response within 21 days, please consider your application unsuccessful.

Closing date: 13 March 2026

Our Commitment to transformation:

In accordance with the employment equity plan of Rand Mutual Assurance and its employment equity goals and targets, preference may be given, but is not limited, to candidates from under-represented designated groups.