Director of Enterprise Risk and Compliance
Career Guide
Key Responsibilities
- Set the enterprise risk and compliance strategy aligned to business goals
- Build and maintain the risk register and risk reporting cadence
- Lead risk assessments across business units and critical processes
- Design and oversee compliance programs, policies, and standards
- Monitor changes in regulations and translate them into practical actions
- Run internal control programs and coordinate control testing
- Oversee incident management and root cause analysis for compliance issues
- Lead remediation planning and track corrective actions to closure
- Prepare executive and board-level updates on risk exposure and trends
- Partner with Internal Audit, Legal, Security, and Finance on assurance activities
- Manage vendor and third-party risk processes
- Build and coach a team of risk and compliance professionals
Top Skills for Success
Executive Communication
Stakeholder Management
Program Management
Change Management
Risk Assessment
Risk Reporting
Control Design
Control Testing
Policy Development
Compliance Monitoring
Regulatory Interpretation
Third-party Risk Management
Incident Management
Data Literacy
Career Progression
Can Lead To
Vice President of Risk and Compliance
Chief Risk Officer
Chief Compliance Officer
Head of Governance Risk and Compliance
Chief Audit Executive
Transition Opportunities
Director of Internal Audit
Director of Privacy
Director of Information Security Governance
Director of Business Continuity
Head of Operational Resilience
Common Skill Gaps
Often Missing Skills
Board Reporting
Metrics Design
Third-party Risk Management
Regulatory Change Management
Control Automation
Crisis Management
Data Literacy
People Leadership
Development Suggestions
Build a repeatable risk reporting pack with clear metrics and trends, practice executive storytelling, and run at least one full end-to-end program cycle covering assessment, controls, testing, and remediation. Deepen knowledge in the regulations most relevant to your industry and strengthen third-party risk processes with consistent reviews and follow-ups.
Salary & Demand
Median Salary Range
Entry Level: USD 140,000 to 180,000
Mid Level: USD 180,000 to 240,000
Senior Level: USD 240,000 to 330,000
Growth Trend
Demand remains strong, driven by increased regulatory scrutiny, cybersecurity and privacy expectations, third-party risk, and board focus on risk governance.
Companies Hiring
Major Employers
JPMorgan Chase
Bank of America
Wells Fargo
Citigroup
Goldman Sachs
UnitedHealth Group
CVS Health
Anthem
Pfizer
Johnson and Johnson
Amazon
Microsoft
Google
Salesforce
Walmart
Industry Sectors
Banking
Insurance
Healthcare
Pharmaceuticals
Technology
Retail
Manufacturing
Energy
Telecommunications
Recommended Next Steps
1. Create a one-page enterprise risk and compliance strategy with priorities for the next 12 months
2. Standardize a risk assessment method and roll it out to two high-impact business areas
3. Define a small set of risk metrics and launch a monthly leadership dashboard
4. Review and refresh core policies to improve clarity and enforceability
5. Run a third-party risk review for critical vendors and close the highest-risk gaps
6. Practice board-ready communication by writing a quarterly risk update in plain language
7. Strengthen cross-functional partnerships with Legal, Security, Finance, and Internal Audit
8. Identify one high-risk control area and implement automation to reduce manual effort