• Identify, assess, prioritize, and mitigate external and internal risks that may impact the organization’s employees, property, information assets, customer trust, and brand. • Develop and execute long-term risk strategies that align with our business objectives. • Cultivate and lead a company-wide culture of risk awareness, accountability, and commercial growth. • Oversee applicable aspects of Third-Party Risk Management (TPRM). • Create and manage risk mitigation plans to address identified and anticipated threats. • Conduct operational risk assessments and implement tactical mitigation strategies. • Lead loss prevention, crisis management, business continuity, and disaster recovery planning. • Direct the organization's insurance program and manage all claims processing. • Develop and maintain appropriate relationships with public sector organizations responsible for assessing threats that could impact enterprise operations. • Serve as key liaison with the Company’s Risk & Safety Committee of the Board of Directors. • Develop, implement, and enforce safety policies, procedures, and controls. • Champion a strong safety culture throughout the organization. • Manage physical security measures to protect company and customer assets. • Lead initiatives for workplace violence prevention. • Safeguard all physical property, equipment, and on-site data. • Provide customer assurance related to physical security. • Ensure layered physical security for people, assets, and customer material through the use of facility controls and security technology. • Oversee all aspects of information security management. • Manage the organization's cyber incident response plan. • Direct the Third-Party Risk Management (TPRM) program for all software and technology vendors. • Provide information security-related customer assurance. • Develop and implement organization-wide cyber awareness and training programs. • Serve as key liaison with organizations responsible for oversight of information security compliance. • Lead and oversee all incident investigations and analysis. • Formulate and recommend corrective actions based on investigation findings. • Conduct ongoing monitoring and review of risk areas. • Develop and manage the organization's insider threat program.