Rodeo
ResourcesPartnersSign in

Archer Integrated Risk Management

Senior ERM Specialist

Bristol
Posted about 10 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Job Details

Description

The Role

As our Senior Enterprise Risk Specialist, you will be Archer's subject matter expert on enterprise-wide risk – designing, embedding, and continuously improving our ERM framework across a global GRC business. Reporting to the Director of Risk and Compliance, you will operate at the intersection of governance, commercial growth, sales enablement, and third-party risk, translating risk insight into strategic and commercial decisions.

This is a senior individual contributor role with significant cross-functional influence, suited to an experienced ERM practitioner who combines deep technical knowledge with commercial awareness — and who can move fluently between framework architecture, executive reporting, client-facing conversations, vendor assurance, and quantitative risk modelling.

What You’ll Do

Enterprise Risk Framework & Governance

  • Maintain and evolve the firm-wide Risk Management Framework (RMF), ensuring alignment with ISO 31000, COSO ERM, NIST RMF, and applicable global regulatory expectations (including DORA, EU AI Act, and CPS230).
  • Own the risk taxonomy, risk appetite framework, and tolerance thresholds; present annual refresh recommendations to the Risk Committee and coordinate quarterly risk reporting to the Risk Steering Committee.
  • Lead the annual RCSA programme and drive 3LoD integration across ERM, operational resilience, business continuity, internal audit, and compliance — eliminating duplication and strengthening assurance.
  • Build and run the Risk Academy: design and deliver risk training programmes that embed risk awareness across the business.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Governance & Policy

  • Support the Director of Risk and Compliance on risk governance structure, including committee architecture, escalation pathways, delegated authorities, and the Enterprise Policy Governance Framework.
  • Oversee the enterprise risk register and Key Risk Indicator (KRI) programme; partner with Information Security to surface risk themes from incident analysis and assess aggregate exposures across the enterprise risk register.

Sales Enablement & Commercial Partnering

  • Partner with Sales and Go-to-Market teams to embed risk-informed thinking into pursuit strategy, proposal responses, and client onboarding; act as risk SME on strategic deals.
  • Review RFP security and risk questionnaires and contractual risk clauses; advise on acceptable positions and escalation triggers; collaborate with Legal on agreement reviews.
  • Build a library of reusable risk content — playbooks, position papers, and control narratives — that accelerates deal velocity without diluting risk standards.

Third-Party Risk Management

  • Own the end-to-end third-party risk lifecycle: inherent risk tiering, due diligence, contractual safeguards, ongoing monitoring, and offboarding — coordinating across Procurement, Legal, InfoSec, and Privacy.
  • Maintain the concentration and Nth-party risk view; report systemic dependencies into the enterprise risk profile and drive remediation plans with vendor owners, escalating residual risk decisions in line with appetite.

What You Bring

  • Deep, hands-on experience in enterprise risk management, operational risk, or a closely related discipline, with a track record of operating at a senior level within global organisations.
  • Proven track record of implementing or evolving ERM frameworks, including risk appetite, governance structures, and risk registers.
  • Strong working knowledge of global regulatory frameworks relevant to a GRC software provider, including DORA, EU AI Act, GDPR, NIS2, ISO 31000, and COSO ERM.
  • Experience conducting third-party and vendor risk assessments and managing supplier risk programmes.
  • Demonstrated ability to produce executive-level risk reporting and present to senior governance committees.
  • Clear, confident communicator; able to translate complex risk concepts for non-specialist audiences and produce high-quality written outputs including board-level reporting.
  • Highly self-directed; comfortable delivering in a fast-paced environment with minimal oversight.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Even Better If You Have

  • Degree in a relevant discipline (e.g. Risk Management, Business, Law, Finance), IRM qualification (International Certificate or Diploma in ERM), or equivalent professional certification (e.g. CRISC).
  • Experience partnering with compliance functions to translate regulatory requirements into operational risk programmes.
  • Experience designing and delivering internal risk training or awareness programmes.
  • Familiarity with financial services regulatory frameworks such as Basel III/IV, Solvency II, or FCA/PRA requirements.
  • Experience in a GRC, SaaS, or technology-enabled services environment.
  • Exposure to quantitative risk modelling techniques.
Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Enterprise Risk Management
Operational Risk
Risk Frameworks
Governance Structures
Risk Registers
Regulatory Compliance
Third-Party Risk Management
Vendor Risk Assessments
Executive Reporting
Risk Communication
Risk Training
Quantitative Risk Modelling
ISO 31000
COSO ERM
DORA
EU AI Act

Location

Bristol, England, United Kingdom

Sign up to applySee more jobs like this