IT Operational Risk Manager


Miami
Permanent
$200,000 USD a year
Risk Management
PR/601502_1784153925
IT Operational Risk Manager

This position sits within an operational risk function and supports the oversight of technology-related risk across the organization. The role partners closely with teams in information security, IT, data protection, privacy, and business continuity to strengthen risk identification, assessment, and monitoring practices.

The position combines hands-on execution with program development, including enhancing frameworks, improving reporting, and helping ensure risks, control gaps, and remediation efforts are clearly tracked and communicated.

Key Responsibilities

Technology Risk Identification and Assessment

  • Identify and assess operational risks related to technology, information security, and data practices
  • Partner with cross-functional teams to evaluate control environments and uncover gaps
  • Support risk assessments across areas such as cybersecurity, privacy, data protection, business continuity, and emerging technologies
  • Track risk themes and trends to highlight areas requiring increased attention

Risk Framework and Governance

  • Support the development and refinement of risk frameworks, methodologies, and documentation standards
  • Contribute to the design and maintenance of risk taxonomies and control libraries
  • Drive consistency in how risks are identified, evaluated, and reported across teams
  • Work within a GRC environment to support risk and control activities

Risk Reporting and Metrics

  • Assist in building reporting for risk exposure, control gaps, and remediation progress
  • Develop dashboards, metrics, and key risk indicators to provide visibility into risk trends
  • Prepare materials for senior stakeholders and governance forums
  • Translate technical risk concepts into clear, business-focused insights

Privacy and Data Protection

  • Support risk assessments tied to data usage, privacy practices, and third-party relationships
  • Partner with relevant stakeholders to identify and document privacy-related risks
  • Assist in tracking issues, remediation activities, and risk outcomes tied to data protection efforts

Business Continuity and Resilience

  • Participate in business impact analyses and continuity planning efforts
  • Help identify critical systems, dependencies, and recovery requirements
  • Assess technology-related continuity risks and support mitigation planning

Emerging Technology and AI Risk

  • Contribute to governance and risk management practices for emerging technologies
  • Support assessments, control design, and monitoring related to AI use cases
  • Partner across teams to evaluate risks tied to new tools and platforms

Issue Management and Remediation

  • Track remediation efforts and follow up on action plans and target dates
  • Support escalation of high-risk or overdue items
  • Ensure issues and responses are documented appropriately

Regulatory Alignment

  • Support alignment with regulatory expectations and industry standards related to technology risk
  • Stay informed on evolving requirements across cybersecurity, privacy, and data protection
  • Partner with compliance and legal teams to assess impact of regulatory changes

Stakeholder Collaboration

  • Build relationships across IT, security, privacy, compliance, and business teams
  • Communicate risk insights and updates clearly to a range of audiences
  • Act as a trusted partner in strengthening risk awareness and practices

Qualifications

  • Experience in operational risk, technology risk, or a related discipline
  • Knowledge of information security, data protection, privacy, and business continuity concepts
  • Experience supporting risk assessments, control evaluations, and issue tracking
  • Familiarity with GRC tools and risk management processes
  • Strong analytical and communication skills, with the ability to translate technical topics into business language
  • Ability to work across multiple stakeholders and functions

Preferred Background

  • Experience in a regulated industry such as financial services or similar environments
  • Exposure to cross-functional teams including IT, security, privacy, and compliance
  • Experience supporting risk frameworks, reporting, and governance practices
  • Familiarity with emerging technology or AI-related risk

FAQs

Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.

Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.

We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business. 

That's why we recommend registering your resume so you can be considered for roles that have yet to be created. 

Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.

Handpicked roles for you