Chief Compliance and Risk Officer

The Office of General Counsel (OGC) serves as the University of Maryland, Baltimore County’s in-house legal team, dedicated to supporting the university’s mission through thoughtful, strategic legal guidance. We act as trusted advisors and counselors to administrators, faculty, and staff, and encourage you to consult with us whenever questions arise in the course of university operations, research, or academic initiatives. https://ogc.umbc.edu/

The Chief Compliance and Risk Officer (CCRO) is responsible for leading and maturing the organization’s risk and compliance functions, ensuring a unified, lifecycle-driven approach across enterprise risk management and compliance functions. The CCRO reports to the University’s Vice President and General Counsel and works closely with senior stakeholders, risk owners, and compliance partners to identify, assess, prioritize, and manage risks and compliance functions across the enterprise while fostering strong communication, collaboration, and accountability.

UMBC offers competitive compensation.  This role starts at $190,000 and has over 4 weeks of vacation for regular full time roles. Tuition remission is also available.

What is it like to work at UMBC?  Check out Glassdoor or Indeed.

For 16 years in a row UMBC has been recognized as a Great College to Work For! 

A hybrid telework schedule is available, if desired.

• Risk Management & Assessment: Design and oversee an enterprise risk management framework, including risk identification, assessment, triage, mitigation, and tracking throughout the risk lifecycle; partner with campus stakeholders to identify emerging risks and ensure appropriate risk treatment plans are defined and executed; and maintain a centralized risk register and provide clear reporting and insights to leadership. 
  
  
• Regulatory Compliance: Design and oversee an enterprise compliance management framework to ensure adherence to applicable regulations, standards, and internal policies; serve as a trusted resource for compliance-related information, guidance, and support; advise and educate compliance partners throughout the University to drive continuous improvement of compliance processes and controls; oversee the compliance risk assessment process and ensure appropriate risk mitigation strategies are in place. 
  
  
• Policy Development: In collaboration with the Senior Special Counsel for Compliance and campus stakeholders, establish and maintain a robust framework for policy, standards, and procedures development and governance; ensure policies and standards are aligned with regulatory requirements, industry best practices, and organizational risk appetite; promote policy adoption and awareness across the organization; develop recommendations and partner with University management/leadership to timely address required changes to University policies and training and education programs.
  
  
• Monitoring & Auditing: In collaboration with campus stakeholders, design compliance monitoring and testing programs; perform and oversee the performance of compliance-related monitoring activities to determine if University-wide compliance efforts are in alignment with applicable policies, procedures, laws/regulations; provide constructive feedback on, and recommendations and guidance for improving compliance efforts; monitor and interpret regulatory developments and assess their impact on university operations; ensure all distributed campus risk and compliance functions are integrated into ERM and compliance program frameworks and operate within a consistent lifecycle model.
  
  
• Reporting & Strategy: Develop and deliver meaningful metrics, dashboards, and reports on risk posture, compliance status, and ERM and compliance program effectiveness; provide regular updates to executive leadership, enabling informed decision-making; provide strategic advice to the President’s Cabinet and senior university leaders regarding risk and compliance posture; lead and/or participate in various University committees and ad-hoc working groups related to risk and compliance matters.
  
  
• Culture & Training: Foster a culture of ethics and transparency by developing and conducting employee training on compliance standards; review and audit training effectiveness through employee feedback and incident analysis to improve future training modules; use information from risk assessments to identify vulnerabilities (e.g., policy violations, data breaches, safety risks, etc.) and map these to specific training requirements; partner with HR, IT, and business units to ensure onboarding and ongoing compliance training requirements are met.