HIAS recrute un Directeur principal, Gestion des risques/Conformité aux Etats-Unis.

 

 

 

 

 

HIAS seeks a Senior Director, Risk Management/Compliance to ensure the development, implementation and maintenance of an effective best practice risk management program and internal control environment, and to help lead our efforts globally to operate ethically and in compliance with applicable law, rules, regulations and organizational policies. The preferred candidate is an experienced risk and compliance professional with passion for HIAS’ humanitarian mission. The position reports to the General Counsel.

ESSENTIAL FUNCTIONS:

  • Supervises the Assistant Director, Risk Management/Compliance and is supported by the Legal Coordinator, Office of General Counsel.
  • Drafts annual enterprise-wide risk report, including all departments and offices, for senior leadership.
  • Coordinates, under the leadership of Executive Vice President/Chief Operating Officer, the inter-departmental Enterprise Risk Management Committee to oversee agency-wide risk management practices, facilitating continuous organizational improvement and promoting a culture of risk management appropriate to HIAS’ dynamic context.
  • Liaises with the Board Audit & Risk Committee on risk and compliance matters.
  • Maintains and updates software for tracking complaints/incidents implicating risks to organization.
  • Maintains and updates an ongoing enterprise risk matrix and dashboard.
  • Ensures that HIAS-branded entities globally update risk matrices at least annually.
  • Ensures that planned risk treatments are timely effected.
  • Maintains a current working knowledge of various laws, regulations and standards that affect the enterprise-wide compliance program, including ethics, fraud, safeguarding and whistleblowing laws, and relevant HIAS policies.
  • Identifies potential areas of compliance vulnerability, developing and implementing an action plan applying best practices.
  • Ensures proper reporting of violations or potential violations to the General Counsel and, as applicable, to the Enterprise Risk Management Committee.
  • Conducts risk and compliance training for staff.
  • Tracks governance obligations of country offices and advises General Counsel to foster timely compliance.
  • Collaborates with Internal Auditor and other internal stakeholders in developing, implementing and coordinating risk management and compliance strategies, policies and guidelines.
  • Performs other duties as assigned.

QUALIFICATIONS & REQUIREMENTS:

  • Undergraduate degree in Social Science or Management or equivalent work experience; graduate or law degree strongly preferred.
  • 8-10 years of risk management and compliance experience, and at least 3 years of relevant experience working on global risk management and compliance with an international nonprofit organization.
  • Fluency in English required; fluency in Spanish and/or French strongly preferred.
  • Knowledge of internal control process best practices and familiarity with standard reporting metrics.
  • Working understanding of risk management frameworks (such as COSO ERM).
  • Experience in applying risk strategies and approaches to support enterprise-level achievement of business results.
  • Experience leading compliance enforcement.
  • Results-oriented with strong customer service skills and ability to operate at all levels of an organization in a highly complex environment.
  • Ability to work effectively within a multi-cultural organization.
  • Excellent interpersonal, organizational and communication skills, both oral and written.
  • Ability to manage difficult situations with tact and good judgment.
  • Self-starter who is detailed-oriented.
  • Team player comfortable working in a fast-paced environment.
  • Proficiency with MS Office, particularly Excel and PowerPoint.
  • Experience with data management tools, including data visualization software desirable.
  • Ability to travel internationally up to 10% of the time to complex operating environments.
  • Travel, to include travel to insecure operating environments, may be required.