1

Operational Risk Manager Jobs in Detroit, MI (NOW HIRING)

Project Manager Customer Team

Auburn Hills, MI · On-site

$77K - $98K/yr

Ensure effective operational risk management throughout the entire project lifecycle. * Prepare and present Quality Gate reports in accordance with PDP requirements in collaboration with the project ...

Project Manager Customer Team

Auburn Hills, MI · On-site

$77K - $98K/yr

Ensure effective operational risk management throughout the entire project lifecycle. * Prepare and present Quality Gate reports in accordance with PDP requirements in collaboration with the project ...

next page

Showing results 1-20

Operational Risk Manager information

See Detroit, MI salary details

$46.5K

$119.5K

$234.6K

How much do operational risk manager jobs pay per year?

As of Jul 9, 2026, the average yearly pay for operational risk manager in Detroit, MI is $119,494.00, according to ZipRecruiter salary data. Most workers in this role earn between $72,800.00 and $157,400.00 per year, depending on experience, location, and employer.

What Does an Operational Risk Manager Do?

An operational risk manager works to identify and limit the risk associated with a company’s operations. As an operational risk manager, your responsibilities involve assessing business operations, identifying issues, and creating reports on your findings. You then help develop policies and implement changes to lessen operational risks. Other duties include continually monitoring the business to find potential new threats and ensuring company compliance with laws and regulations.

What are the 4 pillars of operational risk management?

The four pillars of operational risk management are risk identification, risk assessment, risk mitigation, and risk monitoring. An Operational Risk Manager uses these pillars to develop strategies that minimize potential losses from internal processes, people, systems, or external events, often utilizing tools like risk dashboards and frameworks such as Basel II. Mastery of these pillars is essential for effective risk oversight and compliance.

What does an operational risk manager do?

An operational risk manager identifies, assesses, and monitors risks that could disrupt a company's operations, such as process failures, fraud, or system outages. They develop strategies to mitigate these risks, ensure compliance with regulations, and often use risk management tools and data analysis to support decision-making.

Do risk managers make good money?

Operational Risk Managers typically earn competitive salaries that vary by industry, experience, and location. According to industry data, the median annual salary ranges from $80,000 to over $130,000, with additional compensation such as bonuses and certifications like FRM or ORM enhancing earning potential.

What are some common challenges faced by Operational Risk Managers in maintaining effective risk controls across different departments?

Operational Risk Managers often encounter challenges in ensuring consistent risk controls due to varying processes, priorities, and risk appetites across departments. Communication gaps and resistance to change can make it difficult to implement standardized procedures. Successfully overcoming these challenges involves building strong cross-functional relationships, conducting regular training, and fostering a risk-aware culture to ensure alignment on risk management practices throughout the organization.

What are the three C's of operational risk management?

The three C's of operational risk management are Culture, Controls, and Communication. These elements help organizations identify, assess, and mitigate risks effectively, which is essential for an Operational Risk Manager to ensure operational resilience and compliance. Developing strong controls and fostering a risk-aware culture are key skills in this role.

What are the key skills and qualifications needed to thrive as an Operational Risk Manager, and why are they important?

To thrive as an Operational Risk Manager, you need a solid understanding of risk assessment, regulatory compliance, and internal controls, typically supported by a degree in finance, business, or a related field. Familiarity with risk management frameworks, GRC (governance, risk, and compliance) systems, and certifications such as FRM or ORM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills set top performers apart in this role. These competencies are crucial for identifying, mitigating, and communicating operational risks, ensuring organizational stability and regulatory adherence.

What is the difference between Operational Risk Manager vs Risk Analyst?

AspectOperational Risk ManagerRisk Analyst
CertificationsCFA, FRM, or similarCFA, FRM, or similar
Work EnvironmentFinancial institutions, banks, insurance companiesFinancial firms, consulting, corporate risk teams
ResponsibilitiesIdentify, assess, and mitigate operational risks; develop risk frameworksAnalyze risk data, support risk assessments, prepare reports

The Operational Risk Manager focuses on managing and mitigating operational risks within organizations, often holding certifications like CFA or FRM. In contrast, Risk Analysts primarily analyze risk data and support risk management processes. Both roles are vital in financial sectors and share similar credentials, but the Operational Risk Manager has a broader responsibility for risk mitigation strategies.

What are the most commonly searched types of Operational Risk jobs in Detroit, MI? The most popular types of Operational Risk jobs in Detroit, MI are:
What are popular job titles related to Operational Risk Manager jobs in Detroit, MI? For Operational Risk Manager jobs in Detroit, MI, the most frequently searched job titles are:
What job categories do people searching Operational Risk Manager jobs in Detroit, MI look for? The top searched job categories for Operational Risk Manager jobs in Detroit, MI are:
What cities near Detroit, MI are hiring for Operational Risk Manager jobs? Cities near Detroit, MI with the most Operational Risk Manager job openings:

IT Risk & Controls Manager permanent position at Detroit, MI

MIT RESOURCE

Detroit, MI • On-site

Full-time

Posted 23 days ago


Job description

Company Description

Maganti IT Resources LLC

Job Description

Title: IT Risk & Controls Manager

Location: Detroit, MI 

Type: Permanent


Job description:


Our world-class IT organization supports an information technology driven business. We deliver industry-leading IT solutions to the "Best Online Bank" (Money Magazine, 2011 and 2012) and the leading Auto Finance Company. IT oversees critical functions that enable the day-to-day operations of the entire enterprise. 


Responsibilities include interpreting and responding to IT Open Control Matters and Risk issues for the assigned business unit or global function, train and support IT Managers to ensure common understanding is in place to meet compliance standards and resolve issues, support IT programs in conjunction with business, regulatory, and auditor expectations. Coordinate activities with internal and external auditors. Coordinate IT Management efforts in the collection and reporting of risk metrics. 


Risk and Control activities include: 

Enhance the IT control framework and help the IT organization integrate management of operational risk into their processes and practices 

Educate and train IT members in practices of risk and controls management 

Convey applicable legal and regulatory IT requirements for inclusion in standards and controls 

Develop and communicate controls required for use in SOX, project development and vendor acquisition 

Assist process owners in defining operational controls specific to their areas of responsibility 

Review existing and proposed controls for effectiveness and opportunities for improvement 

Provide guidance to management in self-assessing their own control environments 

Support organizations within IT to comply with audits, regulatory exams, assessments, and testing programs


Assist IT personnel by: 

Interpret and explaining requests from auditors, examiners, assessors, and testers 

Assist auditees in determining appropriate evidence needed to respond to requests 

Review evidence being provided by auditees to assure appropriateness, accuracy, and completeness 

Discuss potential issues with auditors and auditees to help determine if the finding is truly an issue 

Coach auditees on the development of proper action plans to address issues 

Review plans to assess effectiveness of proposed remediation and appropriateness of the timeline


Assist auditors and assessors by: 

Provide input on risks and open issues related to areas to be examined 

Assist auditors in obtaining evidence by escalating, as needed 

Consult on potential issues monitor and manage project and vendor risks 

Advise project team members on appropriate steps to identify and mitigate project risks 

Identify controls required in the project design and the steps to be taken for verification of controls


For high-risk projects: 

Review risks and risk mitigation plans prior to each tollgate 

Advise on controls to be included and steps needed to test controls 

Escalate concerns with unmitigated risks prior to go-live for projects involving application acquisition 

Assist project team in obtaining and reviewing SSAE16 or similar documentation for determining effectiveness of vendor controls 

Provide guidance for additional control evaluation needed beyond SSAE16 

Proactively manage open control matters. 

Track status of open control matters reported in the Risk Convergence Report (audit, regulatory, SOX, PCI, risk and compliance assessments, self-identified) 

Obtain status updates from action plan owners at least monthly 

Provide status of open issues to IT leadership, as well as second and third LoDs

Assist management in remediating and closing issues on time, helping to collect appropriate evidence and document request for closure, as needed 

Validate completeness of remediation efforts to maximize acceptance for closing, and minimize reopening of issues 


The IT Risk & Controls Manager reports to the Risk and Compliance Director. 


Required qualification:

5-15 years experience of Risk & Control in the banking industry 

Proficiency with Risk Management Practices 

Strong IT audit experience 

Strong Risk assessment experience 

Knowledge of ITIL processes 

Familiarity with COBIT Information Security 

Familiarity with Sarbanes-Oxley compliance 

Experience at a financial holding company (FHC) 

Experience with ISO2700x and PCI-DSS Information Security 

Familiarity with GLBA, EU Data Protection Directive, and other relevant laws and regulations 

Knowledge and experience in performing assessments aligned with FFIEC work programs

'A PLUS' 

Industry designation (e.g., CRISC, CISA, CISSP, CISM)

Strong written and oral communications skills including the ability to create organized and articulate summaries of risk assessment findings/points of view that are easily understood by teammates, LOBs, etc. 

Ability to interact with a variety of internal and external people in a professional manner that creates confidence in his/her knowledge and abilities and helps foster mutually satisfactory resolution to risk gaps and issues 

Familiarity with Federal Financial Institutions Examination Council (FFIEC) guidance and work plans 

Ability to work effectively as a member of a cross-functional team 

Knowledge of IT infrastructure and security 

Proficiency in Microsoft Office Applications 

Analytical and problem solving skills 

Self-motivation and direction 

Detail orientation 

Good organizational skills, ability to establish priorities 

Ability to multi-task, handle competing priorities and follow through on all open items/tasks 

Ability to travel up to 25% 

BS/BA or equivalent experience required




Qualifications

Title: IT Risk & Controls Manager

Location: Detroit, MI 

Type: Permanent


Job description:


Our world-class IT organization supports an information technology driven business. We deliver industry-leading IT solutions to the "Best Online Bank" (Money Magazine, 2011 and 2012) and the leading Auto Finance Company. IT oversees critical functions that enable the day-to-day operations of the entire enterprise. 


Responsibilities include interpreting and responding to IT Open Control Matters and Risk issues for the assigned business unit or global function, train and support IT Managers to ensure common understanding is in place to meet compliance standards and resolve issues, support IT programs in conjunction with business, regulatory, and auditor expectations. Coordinate activities with internal and external auditors. Coordinate IT Management efforts in the collection and reporting of risk metrics. 


Risk and Control activities include: 

Enhance the IT control framework and help the IT organization integrate management of operational risk into their processes and practices 

Educate and train IT members in practices of risk and controls management 

Convey applicable legal and regulatory IT requirements for inclusion in standards and controls 

Develop and communicate controls required for use in SOX, project development and vendor acquisition 

Assist process owners in defining operational controls specific to their areas of responsibility 

Review existing and proposed controls for effectiveness and opportunities for improvement 

Provide guidance to management in self-assessing their own control environments 

Support organizations within IT to comply with audits, regulatory exams, assessments, and testing programs


Assist IT personnel by: 

Interpret and explaining requests from auditors, examiners, assessors, and testers 

Assist auditees in determining appropriate evidence needed to respond to requests 

Review evidence being provided by auditees to assure appropriateness, accuracy, and completeness 

Discuss potential issues with auditors and auditees to help determine if the finding is truly an issue 

Coach auditees on the development of proper action plans to address issues 

Review plans to assess effectiveness of proposed remediation and appropriateness of the timeline


Assist auditors and assessors by: 

Provide input on risks and open issues related to areas to be examined 

Assist auditors in obtaining evidence by escalating, as needed 

Consult on potential issues monitor and manage project and vendor risks 

Advise project team members on appropriate steps to identify and mitigate project risks 

Identify controls required in the project design and the steps to be taken for verification of controls


For high-risk projects: 

Review risks and risk mitigation plans prior to each tollgate 

Advise on controls to be included and steps needed to test controls 

Escalate concerns with unmitigated risks prior to go-live for projects involving application acquisition 

Assist project team in obtaining and reviewing SSAE16 or similar documentation for determining effectiveness of vendor controls 

Provide guidance for additional control evaluation needed beyond SSAE16 

Proactively manage open control matters. 

Track status of open control matters reported in the Risk Convergence Report (audit, regulatory, SOX, PCI, risk and compliance assessments, self-identified) 

Obtain status updates from action plan owners at least monthly 

Provide status of open issues to IT leadership, as well as second and third LoDs

Assist management in remediating and closing issues on time, helping to collect appropriate evidence and document request for closure, as needed 

Validate completeness of remediation efforts to maximize acceptance for closing, and minimize reopening of issues 


The IT Risk & Controls Manager reports to the Risk and Compliance Director. 


Required qualification:

5-15 years experience of Risk & Control in the banking industry 

Proficiency with Risk Management Practices 

Strong IT audit experience 

Strong Risk assessment experience 

Knowledge of ITIL processes 

Familiarity with COBIT Information Security 

Familiarity with Sarbanes-Oxley compliance 

Experience at a financial holding company (FHC) 

Experience with ISO2700x and PCI-DSS Information Security 

Familiarity with GLBA, EU Data Protection Directive, and other relevant laws and regulations 

Knowledge and experience in performing assessments aligned with FFIEC work programs

'A PLUS' 

Industry designation (e.g., CRISC, CISA, CISSP, CISM)

Strong written and oral communications skills including the ability to create organized and articulate summaries of risk assessment findings/points of view that are easily understood by teammates, LOBs, etc. 

Ability to interact with a variety of internal and external people in a professional manner that creates confidence in his/her knowledge and abilities and helps foster mutually satisfactory resolution to risk gaps and issues 

Familiarity with Federal Financial Institutions Examination Council (FFIEC) guidance and work plans 

Ability to work effectively as a member of a cross-functional team 

Knowledge of IT infrastructure and security 

Proficiency in Microsoft Office Applications 

Analytical and problem solving skills 

Self-motivation and direction 

Detail orientation 

Good organizational skills, ability to establish priorities 

Ability to multi-task, handle competing priorities and follow through on all open items/tasks 

Ability to travel up to 25% 

BS/BA or equivalent experience required



Additional Information

Please help pass along to colleagues or associates below position who are looking for new role if you are not available.


For further details contact me at 




chaitanya (at) mitresource (dot) com





Thank you for your time.