Head of Enterprise Risk Management and Internal Audit

Upstart is seeking an experienced leader to join our team to develop and lead our enterprise risk management ( ERM ) and internal audit programs. In this role you will bring a systematic and disciplined approach to the effectiveness of our risk management, audit, control, and governance processes. You will effectively identify, assess, monitor and report on the company’s full range of enterprise risks and risk mitigation action steps. You will also be responsible for reviewing Upstart’s financial and operational activities and performs advanced level professional internal auditing work. Your work will involve managing a comprehensive audit program including financial, credit, IT and compliance audit projects; consulting with Upstart’s management and staff; developing the annual audit plan; and providing ongoing training, coaching and supervision to any internal audit staff hired. For success in this role, you’ll bring a thorough knowledge of accounting, audit and risk management procedures, as well as keen business judgement . We’re looking for an energized and motivated leader with a proven capability to develop strong working relationships with cross-functional partners and various levels of management throughout the company, including the board of directors. Your core competencies will include analytical, presentation, reporting, and organizational skills.

Here is more about what you’ll you be doing:
Your ERM responsibilities will include:
Developing an ERM framework including identifying, describing and estimating risks related to Upstart’s activities, including its credit, operations and recovery, regulatory and compliance, liquidity and capital management, financial reporting, business continuity and resumption, vendor management, fraud, human resources, and information security and technology activities;

Developing ERM tools and practices to analyze and report enterprise risks according to the ERM framework, including periodic reviews of metrics and limits, and monitoring/escalating metrics that correspond to established thresholds;

Directing and managing the ERM risk assessment processes, requested risk reviews, and issue management, developing associated policies, programs, systems, and processes;

Ensuring that the ERM framework strikes a balance between costs and benefits of risk response initiatives by establishing collaborative relationships with key business owners to assist in the development, assessment and monitoring of mitigation plans for enterprise risks to ensure all risks are managed to an acceptable level; and

Reporting to senior management and the Board of Directors

Your Internal Audit responsibilities will include:
Overseeing the development and implementation of the annual internal audit plan, ensuring audit engagements are well defined, risk based and complete on time and on budget;

Directing the overall performance of audit work, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting business processes and procedures;

Monitoring the implementation of outstanding audit recommendations and validating their implementation;

Performing risk-based continuous monitoring of Upstart’s control environment, assessing the adequacy of the controls across Upstart’s business functions;

Oversee independent external auditor(s) in their annual (i) SOC 1 and SOC 2 audits and (ii) SOX audits, ensuring efficient and effective coverage of financial and other controls and maximum reliance on internal audit work;

Directing, recommending and implementing appropriate methodologies to ensure internal audit efficiencies and that address changes in internal audit standards and regulatory requirements;

Collaborate with various departments when internal audit perspective is requested; and

Hiring and supervising team members.

Here’s what we’re looking for:
Bachelor’s degree in accounting or business related field from an accredited college or university

Minimum of 8 years internal audit, ERM , or comparable experience

Knowledge of applicable laws and regulations governing risk management in the lending industry

Ability to conduct quality control reviews of audit work products;

Ability to efficiently develop, design, and execute ERM and internal audit plans and programs

Considerable knowledge of and skill in applying Generally Accepted Accounting Principles (US GAAP ) and SOX requirements and audit techniques and methodologies

Strong written and verbal communication skills and ability to interact and influence at all levels in the organization, including with senior and C-level executives

Works independently with extensive latitude for initiative and independent judgement

Strong problem-solving capabilities