Risk Management Jobs

From Open Risk Manual


This page aims to categorize Risk Management Jobs and provide links to more detailed job descriptions. The scope is risk management in general, which means that there are many areas where the boundaries of what is a risk management role (versus other business roles) are quite diffuse. This is particularly true for business models where risk is formally underwritten (Banking, Insurance) which singles out specific risk types as part of the "business-as-usual" and distinct from other potential risks.

To keep the catalog to a manageable size:

  • seniority levels are not handled as distinct roles. Where important (materially different responsibilities) this should be reflected as a additional element in the job description
  • roles are not specified for narrow domains: e.g. there is a regulatory reporting analyst but not a Basel III reporting analyst
  • there are linguistic variations for role descriptions even within the English language. Where useful alternative role names will be mentioned
  • there precise contractual relation with the organization (permanent role, external) is not relevant and is not indicated. E.g., there is no Risk Consultant.

NB: In a Financial Institution that must follow detailed regulatory requirements in the organization of their Risk Management Function it may be the case that certain activities must be further separated (e.g., Independent Risk Management and the Three Lines of Defense model). We do not follow this pattern here as it is too specific and as a result we include e.g., audit roles.


At the highest level we split risk management roles into General versus Specialized.

The classification of specialized risk management jobs follows, where possible the Risk Taxonomy. Many risk types are too granular or idiosyncratic and do not have a formal role assigned. E.g. there is no Key Person Risk manager job description, but it is conceivable that in a large organization this concern is part of some portfolio.

Alternative classifications are possible (e.g. by business model) but they would simply rearrange the grouping of roles.

General Roles

Many risk mangement roles span a wider range of risk specializations either because they sit higher in an organizational hierarchy or because they have some multi-disciplinary aspect.

Specialist Roles

Formal specialist risk management roles are particularly well developed for areas of risk management that attract regulatory scrutiny.

Operational Risk Roles

Operational Risk means the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events, and includes legal risk. It is thus a fairly general risk category and operational risk professionals may have further specializations e.g. in cyber risk, Legal Risk etc.

Cyber Risk Roles

One of the subtypes of Operational Risk is Cyber Risk has a well developed typology of functions / roles.

Market Risk Roles

Market Risk is a broad risk category that applies to financial or real assets that are actively traded in markets. There are general principles applicable across traded markets and this is considered a well developed risk function. Typical roles:

Liquidity Risk Roles

Liquidity Risk is a broad term that in general captures the ability of an agent to transact (sell or buy) non-cash assets in exchange for cash within a desired time-frame. In the context of Risk Management liquidity risk has two major sub-categories, Market Liquidity and Funding Liquidity (ability to finance a portfolio of risks). Liqudity risk managers will work typically within a broader Asset and Liability Management function.

Credit Risk Roles

A large number of roles within financial institutions are clustered around the management of Credit Risk

Quantitative Risk Management Roles

Quantitative Risk Management is an important set of frameworks, tools and practices that apply data driven techniques to the discipline of Risk Management. Such roles are typically quite technical in that they require modeling and programming skills