About the RoleWe're seeking a Senior Manager, Financial Risk Management to help shape and scale OpenAI's risk and controls framework across several dynamic business domains. This role will focus on identifying, prioritizing, and mitigating operational and financial risk across areas such as payments, equity, strategic investments, procurement, people processes, systems, third-party dependencies, and other finance-critical workflows.
This person will serve as a senior cross-functional partner to Finance, Controllership, Legal, People, Procurement, Corporate Development, Payments, Systems, and business operators to design and implement controls that are practical, scalable, and capable of holding up in a fast-changing environment with limited structure. The role requires someone with strong technical controls depth who can move fluidly between risk assessment, control design, program governance, and operational execution - translating ambiguous process risk into clear actions teams can adopt.
This role is based in San Francisco, CA. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.
In this role, you will:- Lead risk and controls support across multiple finance-critical business domains, with a focus on building scalable foundations in a rapidly developing environment.
- Assess risks across payments, equity, procurement flows, strategic investments, people processes and related systems.
- Identify where the control environment is weakest or most exposed, and prioritize the highest-risk areas for remediation, control design, governance, or monitoring support.
- Partner with operational, business, finance, legal, people, procurement, corporate development, and technical teams to design controls that are effective in practice and integrated into day-to-day workflows.
- Translate risks into clear operational requirements, including ownership models, approval points, control objectives, monitoring expectations, reconciliations, evidence needs, system dependencies, and escalation paths.
- Drive cross-functional remediation efforts where processes are unclear, fragmented, overly manual, inconsistently documented, or dependent on immature systems/data.
- Help teams balance speed and control by implementing fit-for-purpose guardrails that support execution, preserve accountability, and avoid unnecessary friction.
- Support new or changing processes, systems, deals, vendors, payment flows, and operating models by ensuring risk, control, governance, and evidence considerations are addressed upfront.
- Contribute to broader ICFR/SOX and operational risk readiness efforts by strengthening control design, documentation, testing readiness, issue management, and leadership visibility across high-impact processes.
You might thrive in this role if you have:- 10+ years of experience in financial risk management, operational risk, internal controls, SOX/ICFR, internal audit, controllership, finance transformation, or related risk/control roles.
- Experience working with at least some domains such as payments, procurement, strategic investments, M&A integration, HR/people processes, financial close, controllership, third-party risk, or other operational business processes.
- Strong judgment on how to design the right level of control in a fast-scaling company, including where lightweight guardrails are sufficient, where formal ICFR/SOX controls are required, and where automation or monitoring is the better answer.
- Experience working in environments with evolving systems, incomplete process structure, unclear ownership, or fragmented data - and bringing order without over-engineering.
- Demonstrated ability to partner effectively with operational, finance, legal, people, procurement, corporate development, and technical teams, including stakeholders who may initially view controls as slowing them down.
- Strong ability to translate broad risks into actionable controls, RCMs, narratives, operating requirements, quality gates, KRIs, dashboards, and remediation plans.
- Deep familiarity with core controls concepts, including preventive vs. detective controls, manual vs. automated controls, IT-dependent controls, monitoring mechanisms, evidence expectations, testing readiness, and deficiency evaluation.
- Strong communication, organization, and stakeholder management skills.
- ERP, GRC, procurement, payments, HRIS, investment, M&A integration, workflow, or data platform experience is a plus.
