Director / Senior Director of Enterprise Risk

The Role

• Establish and evolve Ascenda's enterprise risk governance framework, defining risk appetite, standards, and accountability across all business functions
• Lead a monthly Risk Committee attended by all functional leads, surfacing key risks, tracking remediation, and driving accountability across the business
• Own counterparty risk across clients and suppliers, including gap assessments, credit and reputational risk monitoring, supplier and client due diligence, single-sourcing exposure identification, tracking of remediation activities and contingency planning
• Build and maintain the enterprise fraud framework, ensuring robust internal controls and separation of duties across core processes
• Partner with cybersecurity and IT compliance teams to ensure cyber and technology risks are appropriately identified, assessed, mitigated, and reported within Ascenda's enterprise risk framework, providing independent challenge and oversight while leaving technical control ownership with the Security team.
• Support the Cybersecurity & IT Compliance team by coordinating risk and compliance activities across business functions, including HR, Finance and Operations, to meet ISO 27001, SOC 2, PCI DSS and other assurance requirements.
• Own the business continuity management framework, including business impact analysis, continuity planning, testing coordination, crisis management preparedness and remediation tracking across business functions.
• Lead the coordination of customer risk, compliance and due diligence assessments, partnering with subject matter experts across the business to develop responses, coordinate evidence, assess gaps and track remediation activities.
• Own Ascenda's legal and compliance risk posture, including regulatory monitoring across operating markets, oversight of contractual and legal exposure, and management of data privacy frameworks including GDPR and CCPA

• 10+ years of experience in risk, compliance, operations, or a related field, with meaningful exposure to enterprise-wide risk governance
• Experience in a start-up or high-growth company environment, with the ability to build frameworks that are practical and proportionate to the business context
• Proven track record building or significantly evolving end-to-end business risk governance programs, including enterprise risk management frameworks, BCM, and supplier risk assessments
• Working knowledge of legal and compliance concepts, including contract review, regulatory requirements, and data privacy frameworks
• Familiarity with IT security risk sufficient to engage meaningfully with technical teams and provide second-line oversight across cyber and technology-related exposures
• Demonstrated ability to influence and challenge senior stakeholders across functions, with a collaborative and constructive approach
• Strong communication skills with the ability to translate complex risk concepts into clear, actionable language for leadership and the board
• Able to build from scratch in a lean environment, prioritizing pragmatically and driving execution with limited infrastructure
• A true role model for Ascenda's core values: growth mindset, hands-on ownership, supportive collaboration, and radical simplicity