1

Operational Risk Manager Jobs in Severn, MD (NOW HIRING)

... Risk Manager, you will play a pivotal role within our Risk & Regulatory practice, focusing on ... operations, and achieving strategic goals. As a Manager, you will lead teams and manage client ...

New

Senior Analyst, ORM

Baltimore, MD · Hybrid

$80K - $95K/yr

Summary This new second line operational risk management role will support the day-to-day execution of the Investment Office, performing Transamerica Operational Risk Management activities including ...

New

next page

Showing results 1-20

Operational Risk Manager information

See Severn, MD salary details

$52.2K

$134.2K

$263.5K

How much do operational risk manager jobs pay per year?

As of Jul 15, 2026, the average yearly pay for operational risk manager in Severn, MD is $134,186.00, according to ZipRecruiter salary data. Most workers in this role earn between $81,700.00 and $176,800.00 per year, depending on experience, location, and employer.

What Does an Operational Risk Manager Do?

An operational risk manager works to identify and limit the risk associated with a company’s operations. As an operational risk manager, your responsibilities involve assessing business operations, identifying issues, and creating reports on your findings. You then help develop policies and implement changes to lessen operational risks. Other duties include continually monitoring the business to find potential new threats and ensuring company compliance with laws and regulations.

What are the 4 pillars of operational risk management?

The four pillars of operational risk management are risk identification, risk assessment, risk mitigation, and risk monitoring. An Operational Risk Manager uses these pillars to develop strategies that minimize potential losses from internal processes, people, systems, or external events, often utilizing tools like risk dashboards and frameworks such as Basel II. Mastery of these pillars is essential for effective risk oversight and compliance.

What does an operational risk manager do?

An operational risk manager identifies, assesses, and monitors risks that could disrupt a company's operations, such as process failures, fraud, or system outages. They develop strategies to mitigate these risks, ensure compliance with regulations, and often use risk management tools and data analysis to support decision-making.

Do risk managers make good money?

Operational Risk Managers typically earn competitive salaries that vary by industry, experience, and location. According to industry data, the median annual salary ranges from $80,000 to over $130,000, with additional compensation such as bonuses and certifications like FRM or ORM enhancing earning potential.

What are some common challenges faced by Operational Risk Managers in maintaining effective risk controls across different departments?

Operational Risk Managers often encounter challenges in ensuring consistent risk controls due to varying processes, priorities, and risk appetites across departments. Communication gaps and resistance to change can make it difficult to implement standardized procedures. Successfully overcoming these challenges involves building strong cross-functional relationships, conducting regular training, and fostering a risk-aware culture to ensure alignment on risk management practices throughout the organization.

What are the three C's of operational risk management?

The three C's of operational risk management are Culture, Controls, and Communication. These elements help organizations identify, assess, and mitigate risks effectively, which is essential for an Operational Risk Manager to ensure operational resilience and compliance. Developing strong controls and fostering a risk-aware culture are key skills in this role.

What are the key skills and qualifications needed to thrive as an Operational Risk Manager, and why are they important?

To thrive as an Operational Risk Manager, you need a solid understanding of risk assessment, regulatory compliance, and internal controls, typically supported by a degree in finance, business, or a related field. Familiarity with risk management frameworks, GRC (governance, risk, and compliance) systems, and certifications such as FRM or ORM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills set top performers apart in this role. These competencies are crucial for identifying, mitigating, and communicating operational risks, ensuring organizational stability and regulatory adherence.

What is the difference between Operational Risk Manager vs Risk Analyst?

AspectOperational Risk ManagerRisk Analyst
CertificationsCFA, FRM, or similarCFA, FRM, or similar
Work EnvironmentFinancial institutions, banks, insurance companiesFinancial firms, consulting, corporate risk teams
ResponsibilitiesIdentify, assess, and mitigate operational risks; develop risk frameworksAnalyze risk data, support risk assessments, prepare reports

The Operational Risk Manager focuses on managing and mitigating operational risks within organizations, often holding certifications like CFA or FRM. In contrast, Risk Analysts primarily analyze risk data and support risk management processes. Both roles are vital in financial sectors and share similar credentials, but the Operational Risk Manager has a broader responsibility for risk mitigation strategies.

What are popular job titles related to Operational Risk Manager jobs in Severn, MD? For Operational Risk Manager jobs in Severn, MD, the most frequently searched job titles are:
What cities near Severn, MD are hiring for Operational Risk Manager jobs? Cities near Severn, MD with the most Operational Risk Manager job openings:
Infographic showing various Operational Risk Manager job openings in Severn, MD as of July 2026, with employment types broken down into 86% Full Time, and 14% Part Time. Highlights an 100% In-person job distribution, with an average salary of $134,186 per year, or $64.5 per hour.
Manager, Cybersecurity Governance and Risk

Manager, Cybersecurity Governance and Risk

Next Step Systems

Washington, DC • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

Re-posted 8 days ago


Job description

Manager, Cybersecurity Governance and Risk, Washington, DC
The Manager, Cybersecurity Governance and Risk will lead IT risk management (ITRM) initiatives to increase the transparency of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk Operating Committee (ROC), and support the Governance and Risk team in identifying and implementing industry standards (e.g., NIST, ISO and COBIT) in accordance with applicable regulatory or client guidelines. The Manager will also assist in developing methodologies, policies, processes, and tools to support InfoSec and Governance and Risk initiatives. The role will contribute to evolving ITRM's oversight, reporting, governance, communications, and education efforts from an Information Security perspective. This position is 100% Onsite and not open for Remote.
Manager, Cybersecurity Governance and Risk Responsibilities:
- Assist with the development, implementation and management of the governance and risk strategic plan and roadmap, including evolving the reporting structure and frequency to InfoSec stakeholders.
- Serve as a key contributor in identifying, managing and communicating governance and risk across InfoSec policy domains, providing expertise to prioritize and manage risk, while facilitating the adoption in conjunction with the Controls Manager of IT Risk policies, standards and guidelines across the enterprise.
- In conjunction with the Controls and TPRM Managers, evolve, develop and manage the development, maintenance and evaluation of organizational InfoSec governance and risk procedures, processes and guidelines in accordance with Firm and Client requirements.
- Work with the Controls Manager and other stakeholders to identify, validate and document deficiencies in ITRM governance, processes and risk management practices, propose remediations, and enforce cross functional POAM initiatives and status reporting requirements in accordance with prioritization requirements.
- Manage the Cyber risk and issue registers and remediations, including supporting monthly ROC meetings (e.g., agenda, data calls, etc.), tracking and aggregating the risk registers and performing risk to policy domain to control(s) mapping to provide prioritization and transparency into control and policy domains requiring remediation.
- Evolve risk methodologies, as well as conduct and support risk assessments to support InfoSec the identification of risk across policy domains, identify opportunities for control enhancement and risk mitigation.
- Assist InfoSec's TPRM and Client InfoSec Assessments, including assessment activities (completion and quality control reviews), developing or revising control narratives and supporting reporting efforts to InfoSec leadership and stakeholders.
- Facilitate the definition and maintenance of InfoSec governance and risk measures and metrics; and handle additional related projects as assigned.
Manager, Cybersecurity Governance and Risk Qualifications:
- Bachelor's degree in information security, Information Assurance, Computer Science, Information Systems, or other related field (2 years of additional experience may be substituted for 2 years of college credits).
- At least 7 years of combined information technology, information security and risk management experience.
- Advanced awareness of current information security standards and developments (CSF, NIST, ISO), the COSO framework, as well as the emerging cyber threat landscape.
- Advanced understanding of risk management concepts, frameworks, and methodologies.
- Strong understanding of information security concepts and technologies.
- Strong project management skills and understanding of the technology and operational risks as related to technology solutions.
- Fundamental knowledge of the operation of law practices and advanced knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint.
- Third party assessment experience, including the evaluation of SOC2 Type 2, SIG, Pen Test, etc., reports.
- Strong understanding of Operational Risk from a Technology perspective.
- Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices.
- Understanding of governance, risk and compliance (GRC) practices and technologies across governance, process and technical domains.
- Background in consulting preferred.
- Ability to develop and maintain solid working relationships across the departments, and high-level technical understanding of security applications, platforms and architectures.
- CISA, CISM, GSEC, CISSP, CRISC or other security-related certification preferred.
Benefits include medical insurance, retirement plan, Dental, Vision, PTO, etc.
Keywords: Washington DC Jobs, Manager, Cybersecurity Governance and Risk, Information Security, Risk Management, Methodologies, Outlook, Word, Excel, Visio, PowerPoint, Project Management, CFS, NIST, ISO, COSO Framework, GRC, Governance Risk and Compliance, SOC2 Type 2, SIG, Pen Test, CISA, CISM, GSEC, CISSP, CRISC, Washington DC Recruiters, Information Technology Jobs, IT Jobs, Washington DC Recruiting
Looking to hire for similar positions in Washington, DC or in other cities? Our IT recruiting agencies and staffing companies can help.
We help companies that are looking to hire Managers, Cybersecurity Governance and Risk for jobs in Washington, DC and in other cities too. Please contact our IT recruiting agencies and IT staffing companies today! Phone 630-428-0600 ext. 11 or email us at jobs@nextstepsystems.com.
Atlanta Georgia IT Recruiters, Austin TX IT Recruiters, Baltimore Executive Staffing, Boston IT Recruiters, Charlotte IT Recruiters, Chicago Recruiting Agency, Cincinnati Executive Search Firms, Cleveland Executive Tech Recruiting, Columbus Technical Recruiters, Dallas Recruiters for IT, Denver Technology Headhunters, Detroit IT Headhunters, Fort Lauderdale Information Technology Recruiters, Houston IT Recruiters, Indianapolis IT Recruiters, Jacksonville IT Recruiters, Kansas City IT Recruiters, Los Angeles IT Recruiters, Miami IT Recruiters, Minneapolis IT Recruiters, Nashville IT Recruiters, New Jersey Tech Recruiters, New York IT Recruiters, Phoenix IT Recruiters, Raleigh IT Recruiters, Salt Lake City IT Recruitment, San Antonio Information Technology Recruiters, San Diego Executive Staffing, San Francisco Executive Search Firms, San Jose Executive Tech Recruiting, Seattle Technical Recruiters, Silicon Valley Tech Recruiters, St. Louis Technology Headhunters, Tampa Technology Headhunters, Washington DC IT Recruiters
Home"Manager, Cybersecurity Governance and Risk