About the role

As the Head of Enterprise Risk Management, you will hold a high-impact leadership mandate reporting directly to the Chief Risk Officer, where you will be responsible for the end-to-end implementation and oversight of the Enterprise Risk Management Framework (RMF) across the Group. This role blends strategic governance with hands-on technical expertise, requiring you to identify, assess, and mitigate risks to ensure the business remains resilient and aligned with the Board-approved Risk Appetite Statement.

Beyond managing the integrity of the control environment through robust RCSAs and thematic reviews, you will act as a key advisor for new initiatives and business changes. Ultimately, you are tasked with driving a mature, proactive risk culture that doesn't just protect the business, but actively enhances operational excellence and broker efficiency.

What you'll do:

1. Framework & Governance Ownership

• Strategic ORMF Leadership: Lead the continuous evolution of the Enterprise Risk Management Framework (ORMF) and associated policies to ensure alignment with LMG’s strategic objectives and regulatory obligations (NCCP, BID).
• Risk Appetite Calibration: Lead the annual review of the Risk Appetite Statement (RAS); define, monitor, and report on Key Risk Indicators (KRIs) to ensure the business operates within Board-approved thresholds.
• Executive Reporting: Support the CRO in the preparation of high-quality, insightful risk reporting for the Board, Audit and Risk Committee, Risk Council and Executive Leadership Team, providing a transparent view of the enterprise risk profile and emerging trends.

2. Risk Identification & Control Excellence

• Control Design & Effectiveness: Lead the business-wide Risk and Control Self-Assessment (RCSA) process, providing challenges to ensure control environments are robust and mature.
• Thematic & Deep-Dive Reviews: Execute a schedule of thematic reviews into high-risk areas such as commission payment integrity, broker onboarding, and data privacy.
• Incident & Issue Management: Oversee the end-to-end incident management lifecycle. Lead root-cause analysis for material breaches and ensure Management Action Plans  are effective in preventing recurrence.
• Business Continuity & Crisis Management: Own the Business Continuity Management (BCM) program, including the development of Business Impact Analyses (BIA) and the coordination of annual testing.

3. Risk Change Assessment & Transformation 

• Change Risk Management: Lead the Risk Change Assessment process for all new business initiatives, product launches, and technology deployments. Ensure that risks are identified, assessed, and mitigated prior to "go-live."
• Post-Implementation Reviews (PIRs): Conduct formal risk reviews following major organizational changes to ensure that controls are operating as intended and that the change has not negatively impacted the business’s risk profile.
• GRC Platform Sponsorship: Act as the Business Sponsor for the GRC platform (6Clicks), ensuring it drives automated reporting, streamlined assessments, and serves as the "single source of truth" for risk data.

4. Leadership & Culture

• Risk Culture Advocacy: Drive a proactive risk-aware culture across the business, ensuring risk management is viewed as a value-add rather than a compliance hurdle.
• Team Leadership: Lead and mentor a high-performing team of three, fostering technical growth and professionalising the risk function.

What we're looking for:

• Relevant tertiary qualifications, Certificate IV or Diploma in Mortgage Broking preferred
• Strong knowledge of risk assessment methodologies and tools
• Strong stakeholder relationships experience
• Excellent business writing skills to influence positive outcomes
• Working knowledge of NCCP and a strong understanding of the broader regulatory regime particularly, in respect of ASIC obligations, Privacy Act and the Best Interests Duty
• Good understanding of mortgage lending and/or broker businesses

Working autonomously and excellent time management