Enterprise Risk Management Lead

About Gusto

At Gusto were on a mission to grow the small business economy. We handle the hard stuff payroll health insurance 401(k)s and HR so owners can focus on their craft and their customers. With teams in Denver San Francisco and New York we support more than 500000 small businesses nationwide and are building a workplace that reflects the people we serve.

All full-time employees receive competitive base pay benefits and equity (RSUs) because everyone who helps build Gusto should share in its success. Offer amounts are determined by role level and location. Learn more about our Total Rewards philosophy.

AI is a fundamental part of how work gets done at Gusto. We expect all team members to actively engage with AI tools relevant to their role and grow their fluency as the technology evolves. AI experience requirements vary by role and will be assessed during the interview process.

About the Role:

Gusto is scaling our AI-powered risk function to support a complex multi-entity business operating in highly regulated environments. As the Enterprise Risk Management Lead you will own and operate Gustos Enterprise Risk and Third Party Risk Management programs built AI-first designed to scale and built to enable the business to move fast without breaking things.

This is a People Empowerer (manager) role. You balance hands-on program leadership with managing and developing a team of compliance professionals. You navigate the tension between doing the work and leading the work contributing directly to complex high-impact programs while ensuring your team delivers with excellence. You are a change agent who influences how automated risk management gets done at Gusto models AI-enabled ways of working and helps others grow their own capabilities in the process.

You will champion the adoption of AI machine learning and process automation across risk monitoring control testing incident management and reporting and you will partner with Product Data Science and Engineering to make it explainable adopted compliant and scalable.

Heres what youll do day-to-day:

You manage initiatives that are complex in both scope and impact influencing the strategic direction of Gustos compliance risk management framework. You apply a deep understanding of the regulatory landscape and how it intersects with Gustos business model to proactively design and lead cross-functional risk programs. You translate complex risk topics into clear actionable guidance that senior leaders can immediately understand and operationalize. You lead cross-functional working groups align divergent perspectives and drive cohesive progress toward shared goals with minimal oversight.

As a PE you balance individual risk and compliance contribution with team leadership. You manage operations professional development resource allocation and performance while staying close enough to the work to be a credible hands-on partner to your team and stakeholders. You model responsible AI use and act as a source of knowledge and mentorship supporting your teams AI journey and helping others apply it responsibly and effectively.

AI-Enabled Risk Operations Innovation & Transformation

This is how you and your team operate not a side project.

• Champion the adoption of AI machine learning process automation and advanced analytics to improve risk monitoring control testing and reporting across ERM TPRM and broader compliance functions
• Lead the integration of AI and automation into every phase of the risk lifecycle: vendor assessments document ingestion and analysis continuous monitoring and alerting risk scoring prioritization and trend analysis
• Build intelligent risk monitoring and evaluation systems including auto-tagging for risk issues audit requests and regulatory changes that improve real-time visibility and eliminate manual effort across the enterprise risk portfolio
• Drive the digitalization of risk tools including RCSAs KRIs incident reporting and audit tracking transforming periodic reactive processes into continuous intelligence systems with live leading and lagging indicators that enable real-time decision-making
• Partner with Product Data Science and Engineering to define requirements for AI-driven workflows decisioning engines and dashboards ensuring explainability auditability and regulatory defensibility of all AI-enabled risk decisions
• Design and build intelligent dashboards and reporting tools that deliver real-time risk visibility and decision-quality insights to senior leadership and cross-functional stakeholders
• Design AI workflows with appropriate validation loops human-in-the-loop checkpoints and guardrails ensuring outputs are reliable governable and meet regulatory standards before being used to frame risks recommendations or decisions
• Stay current on AI advancements and emerging technologies and proactively integrate new capabilities into team operations to increase velocity and scale
• Model responsible AI use supporting ICs in their AI journeys and fostering a culture of intentional experimentation accountability and continuous improvement

Enterprise Risk Management

• Design implement and continuously improve Gustos ERM framework ensuring alignment with best practices and Gustos stage of growth and strategic priorities across all entities
• Define and maintain Gustos enterprise risk taxonomy risk appetite statement and key risk indicators spanning operational regulatory technology financial and reputational risk domains
• Lead Gustos Enterprise Risk Management process driving integration of risk practices across business functions promoting a proactive risk culture and ensuring incident management root cause analysis and lessons learned are systematically captured in an automated AI forward way.
• Apply AI-assisted insights to enterprise risk datasets to surface systemic patterns validate assumptions prioritize risks and deliver proactive data-driven advisory to senior leadership
• Monitor the regulatory landscape (OCC FDIC CFPB SEC FINRA GDPR NIST ISO SOC) and leverage AI to proactively incorporate changes before they become compliance gaps
• Act as a key advisor to senior compliance leadership translating complex risk findings into clear actionable recommendations with minimal oversight

Third Party Risk Management (TPRM)

• Design implement and independently manage a high-impact AI-first TPRM program with clear milestones progress tracking and measurable outcomes across all Gusto entities
• Manage the full third-party risk lifecycle onboarding and risk profiling periodic assessments issue management corrective action tracking and offboarding across suppliers product partners contractors service providers and cloud service providers - and do so in an AI and automated way.
• Maintain a centralized authoritative vendor risk inventory and risk register ensuring real-time visibility into Gustos third-party risk posture
• Conduct periodic AI-driven audits and reviews of third-party compliance with contractual obligations and regulatory standards identifying patterns that inform continuous program improvement
• Serve as the central orchestrator across Compliance Security Legal Procurement IT and GRC for proactive and reactive third-party incident management
• Own Gustos TPRM policy and maintain comprehensive documentation risk assessments audit findings corrective actions ensuring full accountability and traceability

People Leadership & Team Development

• Balance individual compliance contribution with team leadership managing operations professional development resource allocation and performance while staying close to the work
• Coach and develop ICs toward next-level impact including building confidence and fluency with AI-enabled ways of working
• Anchor development conversations in observable behaviors outcomes and the L&C competency framework identifying gaps between current performance and next-level expectations
• Model the standard for what great risk work looks like at Gusto: rigorous judgment-driven AI-augmented and business-enabling
• Foster a team culture of intellectual curiosity responsible risk-taking and continuous improvement

Collaboration & Stakeholder Engagement

• Lead cross-functional working groups across Compliance Security Legal Procurement IT Product and Finance aligning divergent perspectives and driving cohesive progress toward shared goals
• Translate complex risk topics into plain business language that senior leaders can immediately understand and act on
• Engage with external auditors regulatory examiners and third-party counterparties with credibility and authority representing Gustos risk programs with transparency and rigor
• Build and maintain trust across the organization by delivering balanced well-reasoned risk guidance that enables innovation while protecting Gusto
• Leverage AI-assisted insights to enhance cross-functional collaboration ensuring outputs are validated and meet reliability standards before being used to frame risks recommendations or decisions

Heres what were looking for:

AI forward experience

• Demonstrated experience implementing automation AI and advanced analytics into risk or compliance workflows not theoretical; you have built and shipped this
• Exceptional ability to synthesize complex multi-domain risk findings into clear actionable recommendations for non-technical and executive audiences
• Skilled at facilitating alignment across a diverse set of internal and external stakeholders building consensus surfacing trade-offs and driving decisions with clarity and accountability
• Strong attention to detail with excellent organizational skills enabling effective coordination across multiple simultaneous programs and workstreams
• Experience in enterprise risk management compliance vendor management or a closely related field with hands-on expertise in both ERM frameworks and Third Party Risk Management
• Proven track record of building and scaling enterprise-wide programs in highly regulated environments (fintech financial services payments or banking strongly preferred)
• Strong cross-functional coordination skills with the ability to read analyze and interpret legal documents and vendor contracts

Leadership & Enterprise wide collaboration

• Proven people management experience with a track record of developing high-performing mission-driven teams
• Ability to successfully balance hands-on program work with team leadership you know when to roll up your sleeves and when to empower and delegate
• Strong executive presence and the ability to influence without authority across Compliance Legal Security Product and Finance
• Strategic curious collaborative and action-oriented able to balance moving quickly with a clear eye on long-term objectives
• Translates complex multi-domain risk findings into clear decision-ready guidance for executive and non-technical audiences
• Builds alignment across diverse stakeholders surfacing trade-offs driving consensus and keeping decisions moving with clarity and accountability
• Highly organized with the attention to detail needed to manage multiple complex programs and workstreams simultaneously

Our cash compensation amount for this role is between $137870 - $170040/year in Denver between $161700 - $199430/year for New York/San Francisco and between $176000 - $218000/year for Seattle. Final offer amounts are determined by multiple factors including candidate location experience and expertise and may vary from the amounts listed above.

Gusto has physical office spaces in Denver San Francisco and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles Gustos subsidiary whose physical office is in Scottsdale.

Note: The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.

When approved to work from a location other than a Gusto office a secure reliable and consistent internet connection is required. This includes non-office days for hybrid employees.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds not just because its the right thing to do but because it makes our company stronger. If you share our values and our enthusiasm for small businesses you will find a home at Gusto.

Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race color religion national origin age sex (including pregnancy childbirth or related medical conditions) marital status ancestry physical or mental disability genetic information veteran status gender identity or expression sexual orientation or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories consistent with applicable federal state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. We want to see our candidates perform to the best of their ability. If you require a medical or religious accommodation at any time throughout your candidate journey please fill out this form and a member of our team will get in touch with you.

Gusto takes security and protection of your personal information very seriously. Please review our Fraudulent Activity Disclaimer.

Personal information collected and processed as part of your Gusto application will be subject toGustos Applicant Privacy Notice.