Make an impact
of your own.

This role will play a critical part in our scaling journey by driving a forward-thinking, data-centric approach to risk management. The role will focus on identifying, assessing, and proactively monitoring potential risks, moving beyond simple risk registers to deliver calculated, data-driven insights to the business. A key responsibility will be contributing to the Combined Assurance model by facilitating the identification and assessment of all risks to ensure accurate recordal in the Enterprise Risk Register to aid the development of the risk universe and determination of the Combined Assurance Coverage Map. The role further ensures that effective risk management is deeply integrated into all product lifecycles and operational workflows.

KEY RESPONSBILITIES

Risk Management Framework

• Implementation of Lula’s Risk Management Framework to ensure that it is embedded in the business;
• Review Lula’s Risk Management Framework and update where necessary to ensure that it remains up to date and effective considering changes in Lula’s business environment, technology and regulatory landscape;
• Assist in developing or refining risk policies, procedures, and guidelines in line with industry and global standards.

Risk Identification and Assessment

• Arrange and manage regular risk identification workshops with management to identify any any existing and emerging risks applicable to the business;
• Conduct horizon scanning to identify emerging or evolving risks, including regulatory, strategic, or systemic trends, and contribute to scenario-based risk analysis
• Assess identified risks by determining their Likelihood and Impact, utilizing data analytics to transition from subjective estimations to evidence-based risk ratings and with the business determine the inherent and residual risks according to Lula’s set methodology.

Combined Assurance Collaboration

• Partner with the Internal Auditor to develop and maintain a Combined Assurance Map, identifying all assurance providers;
• Share risk identification data and emerging threat intelligence with the Internal Auditor to ensure the Annual Audit Plan remains risk-based and dynamic.

Risk Management

• Collaborate with business functions to increase risk ownership and embed ERM practices into operations;
• Facilitate, coordinate and/or recommend practical risk response strategies for any identified risks;
• Coordinate follow-up actions for risk assessments, track remediation plans, and support stakeholders through issue resolution and escalation processes;
• Develop and monitor Key Risk Indicators (KRIs) to provide management with early warning signals of potential risk breaches.

Maintain Enterprise Risk Register

• Serve as the custodian of Lula’s Enterprise Risk Register, ensuring risk ratings (Inherent and Residual) are updated based on changing internal and external environments;
• Developing a reporting strategy through which stakeholders can report and escalate risks for inclusion in the Enterprise Risk Register.

Risk Awareness and Culture

• Design and deliver engaging risk awareness programs and workshops tailored to different business units (e.g., Engineering, Customer Success, Product, Sales etc) to demystify Risk Management;
• Act as a partner to business functions to ensure that risk considerations are embedded in the design phase of new products, features, and operational processes (Risk-by-Design);
• Promote a culture where staff feel empowered to escalate potential risks or errors early without fear of retribution, ensuring a proactive rather than a punitive environment;
• Simplify and socialize risk policies and frameworks, ensuring they are practical, easy to understand, and accessible to all staff members regardless of their technical background;
• Build strong, trust-based relationships across the organization to establish the Risk Function as a strategic business partner.

Reporting

• Design and maintain dynamic risk dashboards that visualize Key Risk Indicators (KRIs), risk trends, and the status of mitigation activities;
• Coordinate with Internal Audit and Compliance to produce a consolidated Combined Assurance Report, providing a holistic view of coverage and gaps across the three lines of defense.

THE SKILLS AND EXPERIENCE WE’RE LOOKING FOR

• Bachelor’s degree in Finance, Economics, Risk Management, or related field;
• 2–3 years of experience in risk management, preferably within a Fintech, Banking, or high-growth and fast-paced Financial Services environment;
• Demonstrated experience with enterprise risk assessments, KRIs, risk registers, and issue remediation;
• Strong analytical and critical-thinking abilities; able to synthesize complex fact patterns and data into logical, evidence-based risk insights;
• Ability to gather, analyze, and present data using CAATs, SQL, or Business Intelligence tools (e.g., PowerBI, Tableau) to support risk findings;
• Ability to translate complex risk information into clear, audience-specific dashboards, reports, and committee packs;
• Effectively communicate and engage with stakeholders at all levels to foster a 'risk-aware' culture without hindering business agility;
• Present risk positions persuasively and negotiate practical, risk-based outcomes that balance safety with business growth;
• Ability to plan, coordinate, and control tasks for self to deliver risk assessments, reviews, and reports on schedule;
• Effective interpersonal skills for working in cross-functional teams, particularly in bridging the gap between technical/product teams and executive leadership;
• Ability to work independently in a fast-paced environment, manage multiple priorities, and deliver to strict deadlines;
• High ethical standards and a deep commitment to confidentiality and professional conduct;
• Resilient and adaptable to changing regulatory environments, industry practices, and emerging fintech technologies.