Senior Director Enterprise Risk Management

Senior Director Enterprise Risk Management

Website CME Group


CME Group is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. We’re small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

To learn more about what a career at CME Group can offer you, visit us at .

The Senior Director (SD) Enterprise Risk Management is responsible for leading, designing, implementing and continually improving CME Group’s Enterprise Risk Management (ERM) program throughout CME Group globally.  The ERM program assists our senior management and Board of Directors in overseeing our risk management activities and supporting our risk and compliance programs.  The SD works closely with the Management Team to demonstrate that CME Group risks are identified, assessed, monitored and considered in the development of CME Group’s strategic vision, and proactively managed to balance risks and rewards of the business.   This role also assists the Risk Committee and the Board in meeting their fiduciary obligations to oversee risk for the Company.

This is both a strategic and tactical position, where the candidate will facilitate and guide interactions with external stakeholders, including regulators and Board Committees, business areas and risk/compliance functions throughout the Company to continually expand the use of our risk management methodology, processes and technology, risk appetite and risk culture.   The candidate will be accountable for presenting and responding to inquiries about the Company’s program, including to the Risk Management Team, the Management Team, Risk Committee, Board and regulators.  The SD will report directly to the Managing Director, ERM and Global Chief Compliance Officer. The SD must be forward-thinking for future requirements given the complex nature of the business and its growth initiatives.

Principal Accountabilities:

Program Operations and Maturity

  • Establish, maintain and continuously improve CME Group’s ERM Program to enable senior management and the Board/Audit Committee to set and manage the organization’s risk appetite and enable visibility to material risk mitigation and management activities.
  • Oversee ERM team consisting of 5 employees currently based in Chicago, London and Amsterdam, and cross-functional Risk Management Team.
  • Design, implement and enhance appropriate risk management procedures that summarize risk management strategies, controls and mitigation plans, assess the effectiveness of mitigation actions and calibrate residual risk. Activities should:
    • Assess the merit of additional controls/mitigation vs. acceptance of residual risk
    • Monitor effectiveness of controls by requesting and reviewing recurring reports prepared by the business owner and, as appropriate
  • Provide metrics and evidence to demonstrate that CME Group’s risk profile is in alignment with its Statement of Risk Appetite, risk tolerance and organizational strategy
  • Lead the evolution of ERM Framework, including driving consistency in measurement and methodology across risk management programs and tools.
  • Strengthen risk reporting by leveraging risk data aggregation from Archer GRC (e.g. findings, exceptions, incidents, operational risk assessment and control testing results)
  • Oversee the entity specific risk assessments including EU specific regulatory deliverables such as Pillar III and ICAAP
  • Support major business initiatives including acquisitions and other partnerships.
  • Benchmark CME Group’s program against industry leading practices and accepted industry standards and align the ERM Program to meet risk management objectives as established by the MT, Board and its Committees.
  • In collaboration with the regulatory response team and other second line functions, respond to regulatory inquiries and program documentation requests including examination requests, new product filings, ESG/Investor relation inquiries, etc.
  • Remain informed on the critical risks facing the organization from both external and internal sources by monitoring industry trends and participating in various internal committee meetings and external professional organizations such as Gartner, World Federation of Exchanges, etc.

Cross-Functional Collaboration and Support

  • Serve as subject matter expert and provide tactical support to functions and legal entities within CME Group (including CME Clearing House, Third Party Risk Management, Compliance) in complying with their regulatory enterprise and operational risk obligations.
  • Partner with Archer GRC team to as the business sponsor for the GRC platform to help set the business and strategic direction for the platform:

Drive platform strategy and align programmatic components to harmonize risk aggregation and reporting across the enterprise. Develop and implement Archer

GRC governance framework for key program decisions, escalations and reporting.

  • Instill best practices in ERM strategy and program implementation throughout CME Group.  Promote a culture of risk awareness and accountability through training, education and risk management consultative support.
  • Enhance alignment between ERM and key programs including Global Assurance (Internal Audit) and second line of defense functions by sharing risk intelligence and developing appropriate processes and protocols for aggregation, communication and escalations of risks
  • Partner with the second line of defense teams to:

Review and incorporate second line of defense testing results into ERM risk assessment as part of the quarterly risk assessment process Develop a process to maintain control inventory for Governance Risk and Compliance Department including annual reviews and validation Outline a process to conduct testing for all controls within the Governance Risk and Compliance and track remediation plans

Communication with Governance Bodies and Regulators

  • Work with the Managing Director to set the agenda and oversee preparation for the Company’s Risk Committee, which meets five times per year.
  • Develop consolidated presentation materials and guide discussions with Risk Management Team, Management Team, and Risk Committee
  • Report regularly on all key / primary risks to Management Team and appropriate Board Committees including providing rationale for the drivers of changes between periods
  • Provide Advisory and Support Services related to risk, strategy and decision making to senior management across CME Group Divisions with the objective of enhancing and evolving risk management and mitigation capabilities

Strengthen ERM Governance and Reporting:

  • Enhance and align quarterly risk reporting with quarterly compliance reporting for internal and external stakeholders using risk assessment and data visualization platform (Tableau)
  • Establish an Executive Risk Team for consideration of consolidated and aggregated risk reporting and escalation of risks and related metrics.
  • Continually enhance risk governance processes for Group-wide risk by ensuring that the critical risks of the business are appropriately identified, evaluated, addressed, reported and controlled.

Work Experience:

  • 10+years of relevant work experience in a highly regulated environment including deep experience in Enterprise Risk Management and operational risk; Third Party Risk Management (TPRM), compliance and/or internal audit experience preferred but not required
  • Working knowledge of Enterprise Risk Management Framework (e.g., COSO.) and industry developments and trends,
  • Archer or GRC tool experience, along with track record in developing and reporting actionable and consistent risk data
  • Manager with international experience; ideally US parent, international regulated subsidiaries and managing global teams in a virtual environment
  • Executive level presence and demeanor with regulators, senior leadership, and Boards/Directors
  • Comfortable working with diverse corporate stakeholders to advance the risk strategy and continue to build consistency in using the ERM Framework
  • Self-sufficient, highly organized, direct communication and management style
  • Experience in a highly regulated environment, ideally exchange/Central Counterparties (CCPs)
  • Preferably based in Chicago but other CME Group locations also possible


  • Bachelors degree required
  • MBA or Law Degree preferred

To apply for this job please visit