Director of Risk Management

About The Job

The ACLU seeks applicants for the full-time position of Director of Risk Management in the Business Operations and Support Services department of the ACLU’s National office in New York, NY. This is a hybrid role that requires in‑office attendance two (2) days per week or eight (8) days per month. The department works to enable organizational effectiveness by partnering with staff across the enterprise to provide business solutions, training, physical space planning, facilities operations, capital projects, records management and archives services.

It continually evaluates operations to maximize resources, mitigate risk, and achieve the organization’s strategic goals.

Reporting to the Deputy Chief Operating Officer
, the Director of Risk Management will provide strategic leadership for the organization’s Enterprise Risk Management, Insurance, and Business Continuity functions, ensuring a coordinated and forward‑looking approach to risk and resilience. The role partners closely with executive leadership and cross‑functional teams to identify, assess, and manage enterprise risks that could impact the organization’s mission, operations, and long‑term sustainability. The Director leads the development of practical, actionable strategies that strengthen preparedness, protect organizational assets, and support informed decision‑making.

Central to the role is aligning risk management practices with the organization’s values and mission, ensuring that risk assessment and management reflect programmatic and organizational commitments.

• Lead, manage, and continuously evolve the organization’s Enterprise Risk Management (ERM) program, integrating strategic, operational, financial, compliance, and reputational risks into core decision‑making.
• Partner with executive leadership and cross‑functional teams to identify, assess, prioritize, and mitigate enterprise risks, ensuring clear ownership and accountability.
• Translate risk insights into actionable recommendations that support organizational strategy, resilience, and long‑term sustainability.
• Embed organizational values into Enterprise Risk Management program and processes.
• Partner with the Affiliate Support and Nationwide Initiatives (ASNI) Team to support Affiliate Risk Management program development.
• Oversee the organization’s insurance program, including risk financing strategy, coverage design, renewals, claims management, broker relationships, and cost optimization.
• Ensure insurance coverage aligns with the organization’s risk profile, contractual obligations, and evolving operating environment.
• Lead the cross‑functional Business Continuity and Disaster Recovery team, ensuring preparedness and leading communications for operational disruptions, emergencies, and crises.
• Manage the coordination and development, testing, and maintenance of business continuity plans, crisis management protocols, and recovery strategies across departments.
• Coordinate enterprise‑wide business impact analyses to identify critical functions, dependencies, and recovery priorities.
• Establish clear governance, reporting, and metrics for ERM, insurance, and business continuity, providing timely risk reporting to senior leadership.
• Monitor emerging risks, regulatory changes, and industry trends, proactively adjusting risk strategies as needed.
• Serve as a trusted advisor to leadership on risk‑related matters, balancing risk mitigation with mission delivery and operational flexibility.

• Be committed to advancing the mission of the ACLU.
• Center and embed the principles of equity, inclusion and belonging in their work by demonstrating commitment to diversity with an approach that respects and values multiple perspectives.
• Be committed to work collaboratively and respectfully toward resolving obstacles and conflicts.

• Demonstrated progressive experience in risk management, insurance, business continuity, or related disciplines, including leadership or people management experience.
• Demonstrated experience designing, implementing, managing, or maturing an Enterprise Risk Management (ERM) program within a complex…