Senior Enterprise Risk Manager

What do we do?

Paddle offers SaaS companies a completely different approach to their payments infrastructure. Instead of assembling and maintaining a complex stack of payments-related apps and services, we're a Merchant of Record for our customers. That means we take away 100% of the pain of payments fragmentation. It's faster, safer, cheaper, and, above all, way better.

We're backed by investors including KKR, FTV Capital, Kindred, Notion, and 83

North and serve over 5000 software sellers in 245 territories globally.

We are seeking a Senior Enterprise Risk Manager to play a key role in shaping and embedding our Enterprise Risk Management (ERM) framework. This second-line role will support the Compliance & Risk Lead in designing, implementing, and scaling proportionate risk processes that both protect the business and enable growth.

We're looking for someone who knows what "good" looks like in enterprise risk, but can also build from first principles - creating frameworks, policies, and tools that are pragmatic for a fast-growing environment. This is a hands‑on role, suited to someone experienced in designing risk frameworks from the ground up and guiding businesses through the journey of adoption, engagement, and maturity.

This role reports into the Compliance & Risk Lead as part of the Legal & Compliance function. You'll work closely with the wider Compliance & Risk team while partnering with Legal, Sales, Operations, and Product teams to turn strategy into practice and embed risk management across the business.

• Support the Compliance & Risk Lead in developing and implementing Paddle's risk management strategy and roadmap.
• Develop and maintain Paddle's risk taxonomy
  , ensuring risks are consistently identified, categorised, and understood across the business.
• Take ownership of the Operational Risk Management Framework (ORMF), including standards for RCSAs, control design, control testing, and issue management.
• Lead the development, implementation, and continuous improvement of the Enterprise Risk Management Framework (ERMF) and supporting policies.
• Define and maintain the Risk Appetite Framework and Statements
  , driving the development of risk metrics and monitoring against thresholds.
• Oversee the process for identifying and assessing strategic and emerging risks
  , preparing analysis and recommendations for escalation to senior stakeholders.

• Lead the coordination of risk governance processes, preparing materials and management information for XLT, Board, and other governance forums.
• Ensure risk assessments and reporting are completed on time and to a high standard.
• Support the production of simple, concise, insightful risk reporting, enabling senior stakeholders to make risk-based decisions.

• Partner with the broader team and first-line to embed risk management practices into business processes and change initiatives.
• Deliver risk training and awareness sessions across the business, building a strong risk culture.
• Oversee the remediation of internal audit findings, second-line reviews, and regulatory requirements to ensure timescales are met, producing high quality reporting and MI of progress.
• Champion the use of automation, tooling, and process enhancements to drive efficiency and scalability of the ERM function.

• Engage with internal stakeholders (product, operations, finance, technology) to ensure alignment and effective risk oversight.
• Represent the enterprise risk perspective in interactions with regulators, auditors, and external stakeholders.

• You bring 7–10 years of experience in risk management (first or second line), ideally with a background in operational or enterprise risk within financial services, fintech, or payments.
• You know what "good" looks like in risk management, but can design frameworks from first principles that work for a scaling business.
• You have had experience in designing risk frameworks, policies, and tools from the ground up, and guided businesses through adoption and maturity.
• You have hands‑on experience with core risk…