1

Model Risk Manager Jobs in Colorado (NOW HIRING)

Define and own the enterprise Human Risk Management strategy, operating model, charter, and roadmap aligned to NIST CSF 2.0 (Govern and Protect) and Asurion's security maturity program. * Establish ...

Develops and deploys models within the Model Development Control (MDC) and Model Risk Management (MRM) framework. * Composes, and assists peers with composing, technical documents for knowledge ...

Develops and deploys models within the Model Development Control (MDC) and Model Risk Management (MRM) framework. * Composes, and assists peers with composing, technical documents for knowledge ...

Develops and deploys models within the Model Development Control (MDC) and Model Risk Management (MRM) framework. * Composes and peer reviews technical documents for knowledge persistence, risk ...

Develops and deploys models within the Model Development Control (MDC) and Model Risk Management (MRM) framework. * Composes and peer reviews technical documents for knowledge persistence, risk ...

next page

Showing results 1-20

Model Risk Manager information

See Colorado salary details

$54.2K

$117.3K

$178.8K

How much do model risk manager jobs pay per year?

As of Jul 10, 2026, the average yearly pay for model risk manager in Colorado is $117,303.00, according to ZipRecruiter salary data. Most workers in this role earn between $94,600.00 and $135,600.00 per year, depending on experience, location, and employer.

What are some common challenges a Model Risk Manager faces when validating complex financial models?

Model Risk Managers often encounter challenges such as limited or incomplete data, evolving regulatory requirements, and the need to validate highly complex or proprietary models. They must work closely with model developers, quantitative analysts, and compliance teams to ensure all assumptions and methodologies are sound. Staying up to date with industry best practices and maintaining clear documentation are also crucial, as is effectively communicating findings to both technical and non-technical stakeholders.

What is the difference between Model Risk Manager vs Quantitative Analyst?

AspectModel Risk ManagerQuantitative Analyst
Required CredentialsAdvanced degrees in finance, statistics, or mathematics; certifications like FRM or CFADegree in finance, economics, mathematics, or related fields; often CFA or CQF
Work EnvironmentFocus on risk management teams within financial institutions; regulatory complianceAnalytical roles within trading, investment, or banking divisions; model development
Employer & Industry UsageFinancial institutions, banks, asset managersInvestment firms, hedge funds, banks, financial services

The Model Risk Manager primarily oversees and mitigates risks associated with financial models, ensuring compliance and accuracy. In contrast, Quantitative Analysts develop and implement models to support trading, investment, or risk strategies. While both roles require strong quantitative skills and similar credentials, their focus areas differ—risk management versus model development and analysis.

What are the key skills and qualifications needed to thrive as a Model Risk Manager, and why are they important?

To thrive as a Model Risk Manager, you need a solid background in quantitative finance, statistics, or mathematics, often supported by an advanced degree and experience in model development or validation. Familiarity with programming languages such as Python or R, risk management frameworks, and regulatory requirements like SR 11-7 or ECB guidelines is typically expected. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for articulating complex model risks to stakeholders. These competencies are vital for ensuring the accuracy, compliance, and reliability of financial models within an organization.

What does a Model Risk Manager do?

A Model Risk Manager is responsible for identifying, assessing, and mitigating risks associated with financial and analytical models used by an organization. They ensure that models are accurate, reliable, and compliant with regulatory standards by overseeing validation processes and monitoring model performance. Their role often includes collaborating with model developers, conducting independent reviews, and implementing model governance frameworks to minimize potential losses or errors stemming from model misuse or inaccuracies.
What are popular job titles related to Model Risk Manager jobs in Colorado? For Model Risk Manager jobs in Colorado, the most frequently searched job titles are:
What cities in Colorado are hiring for Model Risk Manager jobs? Cities in Colorado with the most Model Risk Manager job openings:
Sr. Manager, Human Risk Management

Sr. Manager, Human Risk Management

Asurion

Sterling, CO • On-site

Other

This job post has expired 2 days ago. Applications are no longer accepted.


Asurion rating

7.2

Company rating: 7.2 out of 10

Based on 84 frontline employees who took The Breakroom Quiz

121st of 208 rated it services


Job description

Position Overview

Asurion is building a modern, AI-native Human Risk Management function-and this role leads it. Reporting to the Senior Director, Cyber Risk & Trust, the Senior Manager designs, builds, and operates an enterprise program that measurably reduces human-driven cyber risk. This leader will pivot the company from traditional awareness training to behavior and culture change, measured by risk reduction, faster reporting, and resilient habits at scale. The program integrates across HR, Legal & Privacy, Internal Communications, IT & Identity, Security Operations, and AI & Data Governance, and rolls into executive and board-level reporting as a cornerstone of the multi-year security maturity roadmap.

The ideal candidate is a builder with executive presence who uses telemetry, experimentation, and AI to drive targeted interventions across distinct workforce populations. Success is defined by reduced risky behaviors, improved reporting rates and time-to-report, and a positive, psychologically safe security culture.

Key Responsibilities
  • Define and own the enterprise Human Risk Management strategy, operating model, charter, and roadmap aligned to NIST CSF 2.0 (Govern and Protect) and Asurion's security maturity program.
  • Establish governance for the human-risk domain; represent human risk in security leadership forums; deliver regular executive and board-level reporting focused on risk reduction.
  • Build, lead, and develop a small expert team; manage budget, vendors, and platforms; scale reach through a distributed Security Champions network.
  • Partner with HR, Legal & Privacy, Internal Communications, IT & Identity, Security Operations, and AI & Data Governance to embed human-risk practices into the flow of work.
  • Design and maintain per-person and per-team human risk scores by aggregating signals from phishing simulations and reports, DLP, CASB, EDR, identity, access sensitivity, and engagement data.
  • Use analytics and AI to identify high-risk cohorts, predict likely compromise, and drive targeted interventions; quantify ROI in risk-reduction terms.
  • Build privacy-by-design into all capabilities in partnership with Legal & Privacy-aggregated and role-based views by default, with clear policy and lawful basis for any individual-level monitoring.
  • Replace annual CBT with continuous, role- and risk-personalized learning pathways for varied populations (general workforce, developers/engineers, finance/AP, executives/EAs, privileged admins, HR/recruiting, contact-center/customer-facing teams).
  • Own an AI-threats education track covering GenAI phishing and BEC, deepfakes, voice cloning/vishing, synthetic identities, quishing, MFA fatigue, and shadow-AI data leakage; reinforce out-of-band verification habits.
  • Run a full-spectrum, ethically governed simulation function beyond email phishing, including spear-phishing, vishing, smishing, quishing, USB/physical-media, physical social engineering/tailgating, and help-desk callback drills.
  • Pilot controlled, consented deepfake voice/video drills for finance and executive populations; prioritize reporting rate and time-to-report over click rate; deliver immediate teachable moments with no shaming.
  • Implement in-the-moment behavioral guidance: inline email banners, DLP and browser nudges, identity-aware prompts, and one-click phishing reporting with AI auto-triage and closed-loop feedback.
  • Stand up an always-on "ask security anything" conversational assistant leveraging the company's AI direction.
  • Brand and communicate the program with consistent campaigns; secure visible executive sponsorship; recognize positive behaviors; embed security into onboarding, role changes, and offboarding; enable manager visibility consistent with privacy principles.
  • Lead the human side of secure AI adoption with AI & Data Governance: acceptable-use policy, enablement of approved tools, shadow-AI reduction, AI-builder training, and alignment with partner/regulatory obligations.
Education and Experience
  • Bachelor's degree or equivalent practical experience.
  • 8+ years in cybersecurity, information security, or closely related fields, including substantial experience in security awareness, human risk management, or security culture.
  • 3+ years leading programs and/or people, with demonstrated success building or significantly maturing a human-risk or awareness program at enterprise scale.
  • Hands-on familiarity with phishing-simulation and human-risk platforms, and how DLP, CASB, EDR, and identity signals inform a human-risk profile.
  • Working knowledge of NIST Cybersecurity Framework (CSF) 2.0 and mapping a human-risk program to it.
  • Strong command of modern and AI-enabled threats (GenAI phishing, deepfakes, voice cloning, shadow AI) and the defensive behaviors that counter them.
  • Experience building programs with privacy-by-design in global, regulated environments in partnership with Legal & Privacy.
  • Nice to have: global/multi-region experience (e.g., EU works councils), instructional design or behavioral science background, marketing/communications or change management expertise, Security Champions networks, AI/automation at scale, contact-center risk familiarity, and relevant certifications (e.g., SANS SSAP, CISSP, CISM).
Knowledge, Skills, and Abilities
  • Behavior-first, data-driven mindset; defines clear outcome metrics and proves risk reduction.
  • Strategic builder who can operate from zero-to-one and scale sustainably with AI and automation.
  • Exceptional communication, storytelling, and stakeholder influence; strong executive presence.
  • Ability to partner cross-functionally and drive change without direct authority.
  • Expertise in experimentation, A/B testing, telemetry, and dashboarding for leaders and managers.
  • Ethical judgment and privacy-by-design orientation that preserves employee trust.
  • Positive, psychologically safe leadership style that encourages reporting and learning.
  • Relentless focus on measurable outcomes and continuous improvement.
Travel Requirements

N/A

Physical Demands
  • Stationary Position: Frequently
  • Vision: 20/20 corrected vision
  • Hearing: Receive detailed information if spoken to

What Asurion employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom