Enterprise Risk Manager

Company: Craft3

Locations: Seattle, WA; Portland, OR

Job Function: Other


Craft3 is a nonprofit lender – a Community Development Financial Institution (CDFI) – with a vision of supporting thriving, just and empowered communities across Oregon and Washington. We focus on lending to entrepreneurs, nonprofits and individuals who have been denied access to traditional financing. By delivering capital where it’s needed most, we’re helping build a more equitable and resilient future. Learn more at www.craft3.org


The Enterprise Risk Management (ERM) Manager will work directly with the President to drive the strategy and execution of Craft3’s risk management functions across the organization. This position will provide leadership, innovation, management, guidance, and support necessary to build out, integrate, and optimize the operation of a comprehensive enterprise risk management framework aligned with Craft3’s strategies and business objectives. In this leadership role, the ERM will develop, and be instrumental in directing and implementing, the organization’s Enterprise Risk Management architecture and set of tools, practices, and policies to identify, evaluate, mitigate, and monitor Craft3’s business and operational risks.

ERM Business Unit – The ERM Manager will be stepping into an ERM framework at its initial stages, leveraging existing momentum to advance Craft3’s ERM governance structure, develop ERM policies and practices, build new systems and tools, and integrate ERM processes throughout the organization. As leader of the ERM business unit, the ERM Manager, reporting directly to Craft3’s President, will work at all levels of Craft3 from business unit employees to executive management and the Board of Directors to establish an ERM program that provides clear and replicable methods of knowing, assessing, and discussing opportunities and risks across all of Craft3’s operations and functions.


Essential Duties and Responsibilities include some or all the following and are not intended to be all-inclusive. Craft3 reserves the right to change, add or delete responsibilities and duties as seen fit.  An employee’s specific job duties, priorities, and performance expectations are detailed in their individual performance plans.

  • Establish a Craft3-tailored ERM framework including risk policies, metrics, reporting and monitoring; and develop ERM tools, practices, and guidance to analyze and track enterprise risks.
  • Direct the build out and successful day-to-day operations of Craft3’s Enterprise Risk Management framework for identifying, assessing, mitigating, remediating, monitoring, reporting, and managing risks.
  • Lead the Risk Council to obtain diverse and enterprise-wide perspectives that inform strengthen risk management products and services.
  • Be a subject matter expert in the interpretation and application of the ERM framework and actively advise and coach colleagues and business units on risk management performance and practices.
  • Review/test/audit risk mitigation measures and other risk management practices and tools, including in collaboration with outside/independent auditors or reviewers, and design and implement responsive risk management practices and tools.
  • Institute measures designed to provide ongoing monitoring of emerging and existing risks, support continuous improvement of ERM processes, procedures, protocols, and controls, and, in concert with Risk Council, generate routine and periodic updates of organization-wide enterprise risk assessments.
  • Collaborate with members of Executive Risk Committee, Risk Council, and others, as needed, to manage inter-dependencies, escalate and resolve risk management issues, and use insights and performance data to support improved business decisions.
  • Provide risk management training and education across the organization to expand the reach of enterprise risk management practices.
  • Prepare reports for executive management and the Board of Directors, as requested.


Cross Team Development

  • Collaborate with other Craft3 business units and team members to develop, implement, and maintain systems and processes.
  • Contribute to the body of knowledge, sharing best practices and suggest process improvement ideas.


Culture and Brand Management

  • Support the organization’s All Team performance standards, Companywide Competencies.
  • Demonstrate stewardship for the Craft3 Brand.



  • Policies—Develop enterprise risk management policies, as needed, to establish Craft3’s ERM framework and to implement associated ERM processes, procedures, protocols, and controls.
  • Compliance—Monitor and, in collaboration with management, Legal Counsel and others as appropriate, secure compliance with ERM policies.
  • Manage Risk Assessment evaluations and effectiveness of risk mitigation controls and activities.

Direct / Indirect Reports – This initially is a non-supervisory role.







Knowledge and Experiences  

Seven to ten years’ experience in enterprise risk/operational risk management disciplines, internal/external audit, compliance, and/or other similar functions. Knowledge of and direct experience implementing frameworks and best practices in risk management programs and processes, including activities such as risk identification, analysis, response, communications, monitoring and escalation. Experience acquired in financial services, banking, or related business is preferred.  At least four of the 7-10 years’ experience working with a recognized ERM framework, COSO framework, GRC strategies, ISO 31000, or similar methodologies preferred. Working knowledge of CDFIs and regulatory requirements for lending preferred.

Preferred Skills and Abilities

The ideal candidate will be able to demonstrate the following:

  • Passion for strengthening resilience of Pacific Northwest disadvantaged and underserved communities, including communities of color and rural and Tribal communities.
  • Highly effective oral and written communicator with ability to engage, understand a diverse range of perspectives, adapt content and style to match audience, and find shared value propositions across all levels of an organization.
  • Strong project management skills, including the ability to prioritize, multi-task, and demonstrate flexibility in the face of multiple and potential conflicting demands.
  • Excellent solution-oriented, organizational skills, keen attention to detail and effective time management to succeed in a semi-autonomous, fast-paced environment.
  • Ability to perform duties and responsibilities demonstrating consideration for safeguarding Craft3, its customers/clients and assets, through: effective risk management; adhering to applicable laws, rules, regulations, policies, and procedures; exercising sound ethical judgment regarding behavior, conduct and business practices; and escalating, managing and reporting control issues with transparency.
  • Self-starter with an ability to work well within a matrixed environment, manage competing priorities, and consistently exercise sound judgment, especially under circumstances where information is unknown, ambiguous, and/or incomplete.
  • Demonstrated ability to work collaboratively with colleagues, external partners, and diverse communities.
  • Proficiency in Microsoft Office Suite, Adobe Professional, file share systems, Contact Relationship Management system.

Certificates, Licenses, Registrations – None specified.

Physical Demands

Frequently requires use of manual dexterity and repetitive motions, primarily with the wrists, hands, and/or fingers.  Must be able to occasionally lift and/or move up to 10 pounds. Reasonable accommodation may be made to enable individuals with disabilities to perform essential functions.


Occasional travel may be required. Periodic travel to company events and Craft3 branch offices will be required.

Compensation and Benefits

• Medical, Dental, Vision, and Life Insurance

• 403b Retirement Plan (with employer match)

• Remote Flexible Schedule within Oregon and Washington

• Paid Time Off • Paid Holidays

• Volunteer Time Off

• Transportation

• Career growth opportunities!

How to Apply

Application Deadline: Open Until Filled.  First review of applications will begin late May and continue until the position is filled.