Enterprise Risk Manager

The Enterprise Risk Manager serves as the strategic leader driving Subaru of America’s (SOA) enterprise risk management and business continuity framework, known as SOAR (Subaru’s Enterprise Risk Program). This role ensures that risk awareness, mitigation, and resilience are embedded across the organization—empowering SOA to anticipate challenges, respond to disruptions, and safeguard critical business operations.

• Develops, implements, and manages enterprise risk management strategies and systems to ensure that Subaru’s enterprise risk program, SOAR, is embedded and operationalized throughout Subaru of America (SOA).
• Develops, standardizes, implements, and maintains SOA’s business continuity program to minimize disruption to employees, customers, and operations. Trains and provides guidance to risk owners. Coordinates plan integration and testing with SOA Crisis Communications and Information Technology (IT) teams and external suppliers.
• Maintains responsibility for the annual SOAR assessment which includes risks and opportunities identification, likelihood and impact scoring, and aggregating and evaluating mitigation strategies utilizing stakeholder interviews and industry insights.
• Prepares and presents updates on SOAR operations, risk register, heat map, dashboards, risk mitigation, and emerging exposures to SOA, affiliate and parent company leadership, and risk owners.
• Develops, maintains, improves, and tests business continuity plans using established standards and customized solutions across SOA’s business operations, ensuring consistency and alignment with crisis management manual and incident response plans. Stores plans in a central location.
• Partners with risk owners to ensure that appropriate action is being taken to proactively address and mitigate risks.
• Acts as a trusted advisor on risk issues, ensuring that current and emerging risks are properly identified, assessed, monitored, controlled, and reported.
• Coordinates with Risk Management, Compliance, Information Security, Legal, Corporate Communications, and/or Internal Audit on risks assessments and incident response.