Risk Manager

The role

The Risk Manager will serve as a key member of Nebius's Risk Management function, reporting directly to the Head of Risk within the Legal Department. This role is central to the day-to-day execution and continuous improvement of Nebius's enterprise risk management (ERM) framework, with a particular focus on risk identification, monitoring, and the maintenance and evolution of the company-wide risk register.

Operating within a rapidly growing, global AI-infrastructure organisation, the Risk Manager will act as a critical liaison between the Risk Management function and Nebius's business units — including Finance, IT, Security, HR, Operations, Compliance, Procurement, Infrastructure, and Commercial teams. The role requires consistent, proactive engagement with business function leaders to ensure that risks are surfaced, assessed, documented, and tracked in a timely and structured manner.

This is an operationally focused, high-visibility role that demands strong analytical rigour, clear communication skills, and the ability to build trusted relationships across the organisation. The Risk Manager will play an essential part in enabling Nebius to scale responsibly while balancing innovation, speed, and regulatory expectations.

Your responsibilities will include:

Risk Identification & Assessment

The Risk Manager will lead and coordinate ongoing risk identification activities across all business functions, including the execution of periodic update of risk surveys and leading risk assessment workshops. This includes partnering with functional leaders to systematically identify emerging, operational, strategic, and regulatory risks relevant to Nebius's operations, products, and markets. The role holder will ensure that risk assessments are consistent, evidence-based, and aligned with the company's risk appetite and strategic priorities.

Risk Register Management & Monitoring

A core responsibility of this role is the ownership and day-to-day maintenance of Nebius's company-wide risk register. The Risk Manager will ensure that the register is continuously updated to reflect new and evolving risks, changes in risk ratings, the status of mitigation actions, and shifts in the business or regulatory environment. The role holder will establish and maintain a structured cadence of risk register reviews with risk owners and functional stakeholders the Risk Manager will drive remediation and follow-up with accountable parties where needed

Business Function Liaison & Cross-Functional Engagement

The Risk Manager will serve as the primary point of contact between the Risk Management function and Nebius's business units on all matters relating to risk identification, assessment, and monitoring. This involves building and sustaining strong working relationships with stakeholders in Legal, Security, Finance, IT, HR, Operations, Compliance, Procurement, Infrastructure, and Commercial teams. The role holder will facilitate regular risk reviews and check-ins with functional leaders, ensuring that risk information flows efficiently between the business and the central risk function

Risk Reporting & Insights

The Risk Manager will contribute to the preparation of clear, concise executive-level risk reports, dashboards, and presentations for the Head of Risk, the General Counsel, and senior leadership. This includes translating complex risk data into actionable insights and recommendations that support strategic decisions, new initiatives, market entry, and product launches.

Operational, Technology & Security Risk Support

The Risk Manager will work in collaboration with the Infrastructure and Technology departments, to support the assessment and monitoring of cybersecurity and information security risks, infrastructure, cloud, and AI platform risks.

We expect you to have:

• 4–7 years of experience in risk management, compliance, internal audit, or a closely related discipline, preferably within technology, AI, cloud infrastructure, or highly regulated environments
• Solid working knowledge of enterprise risk management frameworks such as COSO ERM or ISO 31000
• Demonstrated experience in maintaining and updating enterprise-level risk registers and conducting structured risk assessments
• Experience working in multi-entity, international organisations with exposure to complex regulatory landscapes
• Proven ability to engage and collaborate cross-functionally with stakeholders across a range of business functions
• Ability to communicate risk information clearly and effectively to both technical and non-technical audiences
• Strong analytical skills, excellent written and verbal communication abilities, and a high degree of integrity, discretion, and sound judgement
• Ability to manage multiple priorities and iterate quickly in a fast-paced environment

It will be an added bonus if you have:

• Exposure to AI governance, data privacy, cybersecurity, or emerging technology risks
• Experience contributing to Board or Audit Committee risk reporting materials
• Background in fast-scaling, high-growth, or pre-IPO environments
• Professional certifications in risk management (such as IRM Certificate/Diploma, CRISC, or equivalent)
• Familiarity with risk management tools and platforms (e.g., GRC software) and experience with data visualization or dashboard reporting

Competencies:

Analytical Rigour & Attention to Detail: Demonstrates a methodical, thorough approach to risk identification, assessment, and documentation. Maintains accuracy and completeness in the risk register and in all risk reporting outputs. Applies structured analytical methods to evaluate complex risk scenarios and translate findings into clear, evidence-based conclusions.

Cross-Functional Collaboration: Builds and maintains strong, trust-based relationships with colleagues across the organisation, from operational teams to senior functional leaders. Engages proactively with business units to surface risks and ensure that the risk function remains closely connected to the realities of the business.

Communication & Influence: Communicates risk information with clarity, precision, and appropriate context, tailoring messages to different audiences — from technical teams to executive leadership. Able to influence stakeholders and promote risk awareness without direct authority.

Problem Solving & Execution: Breaks down complex, ambiguous risk scenarios into structured, actionable plans. Balances rigour with pragmatism, ensuring that risk processes are fit for purpose without being overly burdensome.

Autonomy & Judgement: Operates effectively with a degree of independence, exercising sound judgement in prioritising risks and escalating issues appropriately to the Head of Risk. Comfortable working in ambiguous situations and adapting quickly to changing circumstances in a fast-paced environment.

Risk Culture Champion: Actively supports the embedding of risk awareness and ownership into day-to-day decision-making across Nebius. Promotes a pragmatic, positive approach to risk management that enables rather than constrains the business.

Integrity & Professionalism: Upholds the highest standards of integrity, discretion, and ethical conduct in all aspects of the role. Handles sensitive and confidential information with care and professionalism.