Manager Risk and Control Testing and Assessment

Please reference the schedule and minimum qualifications listed below before applying.

If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at 801-366-6947 option 1 or email macurecruiting@macu.com and every reasonable effort will be made to accommodate your needs in a timely manner.

Job Summary

The Manager Risk and Control Testing and Assessment is responsible for strengthening Mountain America Credit Union’s ability to proactively identify, assess, and mitigate operational risks through comprehensive testing and control evaluation. Reporting directly to the Director of Operational Risk, this role leads management of the Risk and Control Self-Assessment (RCSA) Program and the Enterprise Testing and Monitoring Program, ensuring alignment with regulatory expectations and the enterprise risk strategy.

This position works cross-functionally to coordinate testing activities, evaluate control effectiveness, and deliver actionable insights that enhance the credit union’s risk posture. The manager plays a key role in embedding risk awareness and control assurance into both strategic planning and day-to-day operations.

Job Description

LOCATION

Mountain America Center

9800 S Monroe St
Sandy, UT 84070

 

SCHEDULE

Hybrid work environment with a blend of in-office and remote flexibility, based on business needs.

To be effective, an individual must be able to perform each job duty successfully.

Risk and Control Self-Assessment (RCSA) Program

• Lead the design, implementation, and quality assurance of the enterprise-wide RCSA program.
• Ensure consistency in risk and control identification, assessment, and documentation across business units.
• Provide guidance and training to stakeholders on RCSA methodology and best practices.
• Monitor RCSA outcomes and escalate significant risk exposures to senior leadership.

Enterprise Testing and Monitoring Program

• Coordinate testing activities across risk, compliance, and technology testing teams to ensure comprehensive risk coverage.
• Develop and maintain testing schedules, protocols, and reporting standards for business units and independent testing teams.
• Collaborate with business units to identify trends and advise on remediating control gaps and weaknesses.
• Support the development of risk dashboards and reporting for executive leadership and risk committees.

Operational Risk Testing Execution

• Design and execute operational risk testing plans aligned with enterprise risk appetite and regulatory expectations.
• Analyze testing results, identify trends, and recommend control enhancements.
• Maintain documentation of testing procedures, findings, and remediation tracking.

Governance & Reporting

• Develop and maintain policies, procedures, and governance documentation for RCSA and testing programs.
• Prepare risk reports and dashboards for executive leadership and risk committees.
• Track and report on testing metrics, issue identification, and control effectiveness.

Knowledge, Skills, and Abilities

The requirements listed are representative of the knowledge, skills, and/or abilities required.  Reasonable accommodation may be made to enable individuals with disabilities to perform the essential job functions.

Education and Experience

• Bachelor’s degree in finance, risk management, economics, or related field required, advanced degree preferred.
• Minimum of 5 years of experience in operational risk, internal audit, or risk testing within financial services.
• Strong understanding of operational risk frameworks, RCSA, and regulatory expectations.

Certifications

•  Preferred certifications: CUERME, CRM, CRCMP, or similar risk-related credentials.

Skills

• Strategic thinking with strong analytical and problem-solving capabilities.
• Strong analytical skills with the ability to aggregate, interpret, and visualize complex risk data.
• Demonstrate the ability to respectfully question, escalate, and provide alternative perspectives when identifying potential risks as part of credible challenge.
• Builds trust with business partners by using facts, regulatory knowledge, and clear communication to influence outcomes.
• Excellent written and verbal communication skills.
• Proficiency in GRC platforms (e.g., Archer) and risk reporting.

Leadership and Organization Development

• Demonstrates ownership and accountability in delivering high-quality risk testing and reporting outcomes.
• Fosters a culture of collaboration, transparency, and continuous improvement within the risk function.
• Provides mentorship and guidance to junior team members and peers.
• Aligns team activities and deliverables with enterprise risk strategy and organizational goals.
• Effectively manages change and adapts to evolving regulatory, strategic, and operational priorities.
• Builds strong cross-functional relationships to influence outcomes and promote a unified risk culture.

Scope and Strategic Impact

• Supports the execution of the enterprise risk framework through testing governance, policy oversight, and risk reporting.
• Shapes the credit union’s risk culture by promoting transparency, accountability, and strategic alignment.
• Delivers critical insights to executive leadership and risk committees via dashboards, KRIs, and Board-level reporting.
• Enhances enterprise-wide risk visibility by synthesizing testing data across business units.
• Drives consistency and quality in governance documentation, including testing plans, issue tracking, and reporting templates.
• Embeds risk awareness into operational and strategic decision-making processes.

#LI-PN1

Mountain America Credit Union is an EEO/AA/ADA/Veterans employer.