"Senior Director, Enterprise Risk Management and Compliance"

The Senior Director, Enterprise Risk Management and Compliance contributes to the leadership of the ethics, compliance, and enterprise risk management program at Rice University. Reporting to the Associate Vice President, Ethics, Compliance and Enterprise Risk & Chief Compliance Officer, the position will support compliance with federal, state, and local laws, as well as university policies, while facilitating the highest ethical standards of conduct for Rice's community of staff, students and faculty.

The position will work closely and collaboratively with compliance partners across Rice to strengthen existing compliance practices. The position will also direct the continued implementation and development of the university enterprise risk management strategy by designing and maintaining processes and capabilities to help the university manage its key enterprise-wide risks. Rice's ethics, compliance, and enterprise risk monitoring program is established by the Audit Committee of the Board of Trustees and is carried out under the overall direction and guidance of the Vice President and General Counsel.

Among other responsibilities, the position will work with the Executive Compliance Committee, senior university leadership, and the Audit Committee of the Board of Trustees to respond to compliance and enterprise risk inquiries, monitor emerging compliance and enterprise-wide risk areas, facilitate and promote awareness and communications regarding the compliance and enterprise risk management programs, and support the administration of policies and the policy review process.

The position will engage with all University processes, systems, and departments and interact regularly with all levels of management.

This is a full-time, benefits eligible position. Exempt (salaried) positions under FLSA are not eligible for overtime.

Minimum Education Requirements: Bachelor's degree (or foreign equivalent) in Business Administration, International Business or related field.

Minimum Experience Requirements: Eight (8) years of experience as a risk or compliance analyst in a legal, compliance, audit or enterprise risk environment, including experience with each of the following: Conducting enterprise risk reviews (including strategic, operational, financial, legal and compliance, cyber/IT, and environment, health and safety risks) and protocols to incorporate best practices; Defining and carrying out internal compliance risk reviews and audits; Globally accepted ERM standards and guidelines (e.g., ISO 31000, COSO ERM); and Compliance and assurance services, including managing risks and opportunities for business transformation projects in higher education and addressing risks specific to data and research security, laboratory safety, grant management, international programs, and global partnerships.

Of the required eight (8) years of experience as a risk or compliance analyst in a legal, compliance, audit or enterprise risk environment, at least five (5) years of experience must include experience with each of the following: Laws, regulations, and higher education industry standards (e.g., Clery Act, Title IX, FERPA, HIPAA, etc.); Governance, Risk, and Compliance (GRC) software tools, including Riskonnect, Archer, MetricStream, and/or LogicGate, to track and manage risks; Designing and implementing risk appetite frameworks and risk tolerance metric focused on higher education; Risk analysis and data visualization tools including Tableau and PowerBI to compile and present findings to senior university leadership (President, Provost and Vice Presidents); and Agile project methodology.

Essential Functions: Direct implementation and development of the enterprise risk monitoring program, including the joint risk assessments with Internal Audit of risk partners across the academic and administrative units to identify enterprise risks, analyze and quantify the potential impact and likelihood of risks, and facilitate the implementation of mitigation strategies. Liaise directly with compliance and risk partners across academic and administrative units on compliance and higher education enterprise risk-related matters. Prepare comprehensive written reports and presentations for stakeholders, as needed, that may include the Executive Compliance Committee, the senior university leadership, and the Audit Committee of the Board of Trustees regarding top institutional risks. Collaborate with Internal Audit on an ongoing basis to provide risk information for key audit activities. Conduct research on various compliance and enterprise risk-related topics and areas of emerging regulatory requirements in higher education (such as cybersecurity, conflicts of interest, diversity, equity, and inclusion, data privacy, research security, etc.) as required, including researching and staying abreast of best practices and trends in higher education.

Rice University is committed to ensuring Equal Employment Opportunity and welcoming the fullness of diversity into our candidate pools. Rice considers qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national or ethnic origin, genetic information, disability, or protected veteran status. Rice also provides reasonable accommodations to qualified persons with disabilities. If an applicant requires a reasonable accommodation for any part of the application or hiring process, please contact Rice University's Disability Resource Center at 713-348-5841 or adarice@rice.edu for support.