Risk Management Specialist

Position Overview

The Risk Management Specialist plays a strategic role in supporting the Enterprise Risk Management (ERM) function by identifying, assessing, monitoring, and mitigating risks across the organization, with a strong emphasis on insurance industry operations and regulatory requirements. This role supports enterprise-wide risk initiatives, third-party risk oversight, fraud prevention compliance, and regulatory reporting while partnering with business leaders to promote a risk-aware culture.

This position reports to the Director of Enterprise Risk Management.

Essential Elements

Third-Party Risk Management (TPRM)

• Support execution and continuous improvement of the TPRM program.
• Conduct pre-contract due diligence and ongoing vendor risk assessments.
• Facilitate annual vendor reviews and ensure timely remediation of identified issues.
• Administer and maintain vendor risk management systems/platforms.
• Prepare monthly and quarterly vendor risk dashboards and reporting.

Vendor Inventory Management

• Maintain accuracy and completeness of the vendor inventory database.
• Ensure vendor records remain current and compliant with internal standards.

Special Investigations Unit (SIU) Coordination

• Coordinate investigations of suspected fraudulent insurance claims.
• Maintain accurate and detailed investigative documentation.
• Ensure compliance with state anti-fraud regulations and reporting deadlines.
• File required reports with state Departments of Insurance.
• Coordinate annual and new hire fraud awareness training.

Enterprise Risk Management Support

• Support enterprise risk assessments, risk identification, mitigation planning, and monitoring activities.
• Maintain enterprise risk registers and supporting documentation.
• Assist with control assessments and issue tracking.

Risk Reporting & Analytics

• Develop and maintain dashboards, KRIs, and management reporting.
• Analyze trends and emerging risks for leadership review.

Compliance & Regulatory Support

• Assist with ORSA documentation and NAIC-related reporting.
• Review SOC 1 reports and track Complementary User Entity Controls (CUECs).
• Support internal and external audit requests as needed.

Continuous Improvement / Projects

• Participate in cross-functional strategic initiatives.
• Identify automation and process improvement opportunities across risk programs.

Requirements

Education

• Bachelor's degree in Risk Management, Finance, Accounting, Business, or related field required. Equivalent experience considered.

Experience

• 0-2 years of experience in enterprise risk management, internal audit, compliance, insurance operations, or related field preferred.
• Experience with third-party risk management, vendor governance, or GRC systems strongly preferred.
• Experience with insurance regulatory environments highly desirable.

Skills

• Microsoft Excel, PowerPoint, Word (advanced proficiency preferred)
• Experience with GRC platforms, vendor management tools, or data visualization tools (Power BI preferred)
• Strong analytical and critical thinking skills
• Excellent written and verbal communication
• High attention to detail and organization
• Ability to manage multiple priorities independently
• Strong stakeholder relationship skills

Travel Required

• Less than 10%