Jobs · Management · New York

Manager of Risk & Trust Operations

Reflection · New York, NY · Today
On-siteManagementFull-time

Role Overview

The Manager of Risk & Trust Operations is responsible for translating the organization's risk governance frameworks and policies into operational reality. This leader owns the operational machinery that validates adherence, surfaces issues, and drives resolution. The result is a continuously evidenced, audit-ready risk posture that can be confidently represented to customers, regulators, and leadership.

What You'll Do

  • Drive the end-to-end lifecycle for risk assessments and certifications supporting the deals pipeline and go-to-market efforts, ensuring risk reviews are completed with the speed and rigor the business requires.

  • Partner closely with sales, legal, and product teams to scope and deliver risk assessments tailored to customer requirements, industry verticals, and deal-specific obligations.

  • Develop and maintain a library of reusable risk assessment artifacts, certifications, and evidence packages that accelerate commercial cycles without compromising quality.

  • Serve as a risk subject matter expert in customer-facing conversations, due diligence requests, and RFP responses involving risk, compliance, and AI safety topics.

  • Conduct upfront due-diligence assessments, ongoing risk monitoring, and on-demand risk reviews of third parties and vendors supporting organizational operations.

  • Establish clear criteria for vendor risk tiering, onboarding requirements, and ongoing monitoring cadences — ensuring continuous visibility into the risk profile of the extended enterprise.

  • Coordinate with procurement, legal, and technology teams to ensure vendor risk findings are reflected in contracting, remediation timelines, and relationship management decisions.

  • Validate and evidence the design and operational efficacy of policies, standards, controls, and guardrails related to risk management — translating governance intent into demonstrable operational outcomes.

  • Design and execute controls testing programs that provide reliable, audit-quality evidence of control effectiveness across the organization's obligation landscape.

  • Develop and maintain structured assurance documentation that enables confident representation of risk posture to regulators, auditors, and enterprise customers.

  • Identify and escalate control design or operational gaps, working cross-functionally to drive timely and durable remediation.

  • Own the AI abuse and safety violation response program end-to-end, including detection, triage, investigation, response coordination, and remediation tracking.

  • Maintain the AI incident registry across the model lifecycle, ensuring all safety-relevant events are captured, classified, investigated, and closed with appropriate rigor and audit trail.

  • Develop and continuously refine detection methodologies, triage protocols, and escalation criteria that enable rapid, consistent responses to emerging safety signals.

  • Partner with product, engineering, legal, and communications teams to coordinate cross-functional responses to high-severity AI safety incidents, and drive post-incident reviews and control improvements.

  • Analyze incident trends to identify systemic vulnerabilities and proactively recommend improvements to AI safety controls, guardrails, and monitoring capabilities.

  • Manage the exception management process, including evaluation, approval, compensating control requirements, and time-bound tracking of all active exceptions.

  • Provide regular reporting to leadership on open issues, remediation velocity, exception inventory, and systemic risk trends, enabling informed decisions on risk tolerance and resource allocation.

Experience & Background

  • 15+ years of progressive experience in risk operations, compliance, internal audit, information security, or a closely related discipline — with meaningful leadership experience overseeing operational risk programs.

  • Prior experience in AI safety, responsible AI, or technology risk operations — with working knowledge of AI system risk evaluation, safety testing methodologies, and the operational lifecycle of AI models.

  • Experience operating in regulated environments and interacting directly with auditors, regulators, or enterprise customers on risk, compliance, or security topics.

Skills & Capabilities

  • Exceptional operational discipline — proven ability to design, document, and run repeatable, audit-quality risk management processes at scale.

  • Strong analytical and investigative skills, with the ability to triage complex risk issues, synthesize large volumes of evidence, and distinguish signal from noise.

  • Demonstrated ability to manage and report on multi-workstream operational programs, balancing competing priorities, tight timelines, and cross-functional dependencies.

  • Excellent written and verbal communication skills, including the ability to document risk findings clearly and represent the organization's risk posture credibly in customer-facing and regulatory settings.

  • Proficiency in risk management tools and GRC platforms; familiarity with evidence management, controls testing workflows, and incident tracking systems.

Mindset & Approach

  • An operational leader who takes pride in building evidence-based, audit-ready risk programs — and understands that credibility is earned through the quality and consistency of execution, not just the elegance of frameworks.

  • Calm and structured under pressure, with the judgment to triage and respond to fast-moving risk events — from safety incidents to regulatory inquiries — without sacrificing rigor.

  • Genuinely curious about AI and technology risk, and motivated to develop and maintain meaningful operational expertise in a domain that is evolving rapidly.

  • A builder at heart — energized by creating programs and processes where structure is still emerging, and committed to leaving operational infrastructure better than they found it.

What We Offer

  • Top-tier compensation: Salary and equity structured to recognize and retain our talent globally.

  • Stock options: Everyone who joins and contributes to Reflection's success gets to share in the upside through stock options.

  • Health & wellness: Comprehensive medical, dental, vision, and life, with an annual wellness allowance.

  • Meals: Lunch and dinner are provided in the office daily.

  • Life & family: 22 weeks paid parental leave for all new birthing and non-birthing parents, including adoptive and surrogate journeys.

  • Vacation days: Unlimited paid time off in the U.S. and 30 days in the U.K.

  • Sponsorship support: We sponsor visas to help exceptional talent join our team and support long-term immigration pathways where applicable.

  • Team building: We have regular off-sites, happy hours, and team celebrations.

Export Control Notice

This position may require access to technology or source code subject to the U.S. Export Administration Regulations. Any offer of employment for this role may be conditioned on the Company's ability to provide the candidate with access to such technology or source code in compliance with applicable U.S. export control laws, which may require the Company to seek government authorization.

Similar jobs

Manager, Trust & Safety

FanaticsNew York, NY· 2 wk ago
RemoteManagement$85k–$110k/yrapply on job-boards.greenhouse.io

Manager of Risk Management

Woodland Heights Medical CenterLufkin, TX· 3 mo ago
Financeapply on fa-evxo-saasfaprod1.fa.ocs.oraclecloud.com