ZipRecruiter

Log In

1

Operational Risk Manager Jobs in Buffalo, NY (NOW HIRING)

M&T Bank

Operational Accounting Associate IV

Getzville, NY · On-site

$22.61 - $37.67/hr

Participate in responsibilities associated with new business initiatives under Manager's direction ... Adhere to applicable compliance/operational risk controls in accordance with Company or regulatory ...

Northwest

Small Business Credit Manager

Buffalo, NY · On-site

A core focus of the role is ensuring strict adherence to all applicable regulatory, legal, and compliance requirements, including internal policies, procedures, and operational risk management ...

M&T Bank

Branch Manager

Amherst, NY

Manages all activities of a branch. Responsible for the overall success of the branch operating ... Adheres to applicable compliance/operational risk controls in accordance with Company or regulatory ...

M&T Bank

Branch Manager

Amherst, NY · On-site

Manages all activities of a branch. Responsible for the overall success of the branch operating ... Adheres to applicable compliance/operational risk controls in accordance with Company or regulatory ...

next page

Showing results 1-20

People also search for

All JobsOperational Risk JobsOperational Risk Manager JobsOperational Risk Manager Jobs in Buffalo, NY

Operational Risk Manager information

See Buffalo, NY salary details

$45.5K

$116.9K

$229.6K

How much do operational risk manager jobs pay per year?

As of Jun 11, 2026, the average yearly pay for operational risk manager in Buffalo, NY is $116,923.00, according to ZipRecruiter salary data. Most workers in this role earn between $71,200.00 and $154,000.00 per year, depending on experience, location, and employer.

What Does an Operational Risk Manager Do?

An operational risk manager works to identify and limit the risk associated with a company’s operations. As an operational risk manager, your responsibilities involve assessing business operations, identifying issues, and creating reports on your findings. You then help develop policies and implement changes to lessen operational risks. Other duties include continually monitoring the business to find potential new threats and ensuring company compliance with laws and regulations.

What are the 4 pillars of operational risk management?

The four pillars of operational risk management are risk identification, risk assessment, risk mitigation, and risk monitoring. An Operational Risk Manager uses these pillars to develop strategies that minimize potential losses from internal processes, people, systems, or external events, often utilizing tools like risk dashboards and frameworks such as Basel II. Mastery of these pillars helps ensure organizational resilience and compliance.

What does an operational risk manager do?

An operational risk manager identifies, assesses, and mitigates risks that could disrupt a company's operations, such as process failures, fraud, or system outages. They develop risk management frameworks, monitor key risk indicators, and ensure compliance with regulations to protect the organization’s assets and reputation.

Do risk managers make good money?

Operational Risk Managers typically earn competitive salaries that vary by industry, experience, and location. According to industry data, the median annual salary ranges from $80,000 to over $130,000, with additional compensation such as bonuses and benefits. Certifications like FRM or ORM can enhance earning potential in this field.

What are some common challenges faced by Operational Risk Managers in maintaining effective risk controls across different departments?

Operational Risk Managers often encounter challenges in ensuring consistent risk controls due to varying processes, priorities, and risk appetites across departments. Communication gaps and resistance to change can make it difficult to implement standardized procedures. Successfully overcoming these challenges involves building strong cross-functional relationships, conducting regular training, and fostering a risk-aware culture to ensure alignment on risk management practices throughout the organization.

What are the key skills and qualifications needed to thrive as an Operational Risk Manager, and why are they important?

To thrive as an Operational Risk Manager, you need a solid understanding of risk assessment, regulatory compliance, and internal controls, typically supported by a degree in finance, business, or a related field. Familiarity with risk management frameworks, GRC (governance, risk, and compliance) systems, and certifications such as FRM or ORM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills set top performers apart in this role. These competencies are crucial for identifying, mitigating, and communicating operational risks, ensuring organizational stability and regulatory adherence.

What is the difference between Operational Risk Manager vs Risk Analyst?

AspectOperational Risk ManagerRisk Analyst
CertificationsCFA, FRM, or similarCFA, FRM, or similar
Work EnvironmentFinancial institutions, banks, insurance companiesFinancial firms, consulting, corporate risk teams
ResponsibilitiesIdentify, assess, and mitigate operational risks; develop risk frameworksAnalyze risk data, support risk assessments, prepare reports

The Operational Risk Manager focuses on managing and mitigating operational risks within organizations, often holding certifications like CFA or FRM. In contrast, Risk Analysts primarily analyze risk data and support risk management processes. Both roles are vital in financial sectors and share similar credentials, but the Operational Risk Manager has a broader responsibility for risk mitigation strategies.

What are the 5 steps of orm?

In operational risk management (ORM), the five key steps are: identifying risks, assessing their likelihood and impact, implementing controls to mitigate risks, monitoring the effectiveness of these controls, and reviewing and improving the risk management process regularly. These steps help operational risk managers proactively manage potential threats to an organization’s operations.
More about Operational Risk Manager jobs
What are the most commonly searched types of Operational Risk jobs in Buffalo, NY? The most popular types of Operational Risk jobs in Buffalo, NY are:
What are popular job titles related to Operational Risk Manager jobs in Buffalo, NY? For Operational Risk Manager jobs in Buffalo, NY, the most frequently searched job titles are:
What job categories do people searching Operational Risk Manager jobs in Buffalo, NY look for? The top searched job categories for Operational Risk Manager jobs in Buffalo, NY are:
What cities near Buffalo, NY are hiring for Operational Risk Manager jobs? Cities near Buffalo, NY with the most Operational Risk Manager job openings:
Operational Risk Manager jobs near you
Infographic showing various Operational Risk Manager job openings in Buffalo, NY as of June 2026, with employment types broken down into 85% Full Time, 14% Part Time, and 1% Contract. Highlights an 92% Physical, 2% Hybrid, and 6% Remote job distribution, with an average salary of $116,923 per year, or $56.2 per hour.
Internal IT Audit: Cloud Risk Specialization

Internal IT Audit: Cloud Risk Specialization

Wilmington Trust

Buffalo, NY • On-site

$87K - $119K/yr

Full-time

This job post has expired today. Applications are no longer accepted.

Job description

THIS ROLE IS HYBRID, 4 DAYS PER WEEK ONSITE, BASED OUT OF BUFFALO, NY; BRIDGEPORT, CT; OR WILMINGTON, DE. WILL CONSIDER BOSTON, MA OR NYC APPLICANTS AS WELL. CANDIDATES MUST BE WITHIN A COMMUTABLE DISTANCE OR WILLING TO RELOCATE.
Overview:
  • Must have senior level or above Internal Audit IT Experience.
  • This individual contributor position will be a part of the Technology Domain Audit Team and will be responsible for the following:
  • Providing senior level expertise and contributing to delivery of assurance services specific to the Bank's Cloud and Colo Data Center Migration. This position will play an important role in carrying out the Division's strategic approach to cloud auditing along with assessing the adequacy of the structures and processes put into place by management to govern the organization's migration of systems to both Microsoft Azure public cloud and Colo data center facility destinations.
  • Providing subject matter expertise and leading the execution of audit procedures over cloud-based infrastructure and cybersecurity capabilities, all while ensuring high quality deliverables in accordance with division and professional standards.
  • Owning the delivery of assurance services across other areas of the Technology and Cybersecurity domains, as needed. This could include leading other audit engagements in these domains, completing issue validation procedures, executing continuous auditing activities, etc.

Primary Responsibilities:
Successful Audit Plan Completion
  • Plan, coordinate and maintain full ownership over execution of assurance work specific to core technology infrastructure and cybersecurity audits, with a particular focus on assessing cloud risk management practices at the Bank. This role is expected to operate with a high level of independence and to deliver high quality deliverables given associated experience.
  • Assist the Audit Division in execution of its strategy specific to the holistic coverage of cloud risks across the Audit Plan and in development of cloud specific audit programs.
  • Stay abreast of best practices, industry developments, and changing or emerging technology and cloud risks, consult with Audit teams to ensure their coverage is appropriate in applicable audits given this information, and ensure senior management in Audit is kept apprised of impacts to the Division's assurance work.
  • Responsible for becoming intimately familiar with the organizational structure for the Bank's Technology Division and developing relationships with key members of management.
  • Organize and complete work within established budgets and time frames with minimal direction from audit management.
  • Incorporate the use of data analytics/AI throughout all phases of the audit process.
  • Make sound decisions independently, exhibiting initiative and intuitive thinking.
  • Maintain ongoing communication with the 1st and 2nd line Risk Management/Oversight organizations to align assurance activities, share risk information, etc.
  • Supervise other Audit staff as needed, based on the body of work being completed.

Leadership, Decision Making, and Communication
  • Possess strong management and interpersonal skills, make sound decisions independently, exhibiting initiative and intuitive thinking.
  • Proactively communicate with senior management members of the audit team and line of business senior and executive regarding the status of audits and potential issues identified.
  • Build strong partnerships with business stakeholders and audit team members.
  • Demonstrates strong judgment, political astuteness, and sensitivity to cultural commitment.

Developing Others
  • Coach and mentor junior audit team members through knowledge sharing, tailoring the approach based upon their skills and experience.

Other Responsibilities
  • Adhere to applicable compliance/operational risk controls in accordance with Company or regulatory standards and policies.
  • Promote an environment that supports belonging and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators, as applicable.
  • Complete other related duties as assigned.

Scope of Responsibilities:
  • This role operates independently within a matrix reporting environment and is responsible for the timely delivery of high quality, value-added audit reports for a variety of business activities (complex in nature), which meet the requirements of the Audit Committee and regulatory expectations. Ensures ongoing conformance with professional auditing standards.
  • This position directly communicates with Senior, Middle and Line Management and External Auditors. Builds strong partnerships with business stakeholders and other audit team members.
  • This role also requires periodic interaction with external regulatory agencies.

Supervisory/ Managerial Responsibilities:
  • May provide coaching opportunities for certain audit professionals but is not responsible for performance management, compensation planning, or other similar duties.

Education and Experience Required:
  • Bachelor's degree, preferably in Computer Science, MIS, Technology, Cybersecurity or other related technical field and 7 years of relevant experience, inclusive of 2 years of work leadership experience. In lieu of degree, a combined minimum of 11 years higher education and/or work experience including 7 years of relevant work experience and 2 years of work leadership experience.
  • Detailed knowledge of audit theory
  • Detailed knowledge and experience in conducting audits of controls in cloud-based environments (notably Microsoft Azure) or assessing cloud architecture.
  • Detailed understanding of industry frameworks guiding management of cloud computing risks
  • Relevant professional certification, or actively pursuing professional certification.
  • Demonstrates strong judgment, political astuteness, and sensitivity to cultural diversity.
  • Possesses strong project management and interpersonal skills, makes sound decisions, exhibiting initiative and critical thinking.
  • Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
  • This individual must be an articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.

Education and Experience Preferred:
  • MBA or Master's degree in an appropriate field preferred.
  • Working knowledge and experience in auditing compute, database, network and storage infrastructure risks, technology governance and risk management concepts, modern software engineering practices, mainframe technology, and IT service management disciplines.
  • Cloud risk or cloud audit-oriented certification is a definite asset (e.g. CCSK or CCAK), as are certifications such as CISSP.
  • Understanding of regulatory requirements/expectations as they relate to technology and cybersecurity risks in the financial services industry;
  • Excellent verbal and written communication skills. Ability to convey complex conceptual information/ideas on issues requiring extensive interpretation and opinion. Experience in applying appropriate discretion when dealing with sensitive issues and conveying technical concepts in an easy to understand manner;
  • Proven ability in managing multiple bodies of work simultaneously under tight deadlines;
  • Proven leadership skills, with the ability to develop and motivate; and
  • Strong organizational and resource management skills.
  • Financial Services Industry experience preferred

#LI-RS1
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $107,500.00 - $179,100.00 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location
Buffalo, New York, United States of America

Apply