Quanloop is building and running a security‑sensitive investment platform. We are hiring a Risk Manager in Limassol to run the risk framework and ensure risks are identified, monitored and controlled in a firm that is pending authorisation as an investment firm. The role is designed to maintain independence and the ability to challenge decisions where risk is material.

This is an office‑first role based in Limassol and is hired locally. You will work closely with the Head of Compliance, MLRO, DORA programme governance and technology leadership to keep risk management practical, defensible and usable in day‑to‑day decision-making.

Role snapshot

Working model: Office‑first (on‑site).
Hiring basis: Local hiring for the Limassol office location.
Language: English‑first working language.
Reporting line: Administrative reporting into senior management; functional reporting to the Board/Risk Committee for risk appetite, material risk issues, and escalations.

What you’ll be responsible for

Run and maintain the firm’s risk management framework, including policies, governance routines, risk appetite, reporting lines and escalation paths.
Identify, measure, monitor and control key risk types relevant to the business model, including operational risk and conduct/client risk; and, where applicable, market, credit/counterparty and liquidity risk.
Produce regular risk reporting for senior management and governance bodies, including KRIs, breaches/escalations and remediation follow-ups.
Challenge new products, changes and material initiatives before launch, ensuring risks are understood, documented and controlled.
Maintain risk registers and ensure remediation actions are owned, tracked and completed.
Coordinate with Compliance on regulatory risk and with Infrastructure/Information Security on operational resilience topics, including DORA-related expectations where applicable.
Support third-party and outsourcing risk oversight together with relevant owners.
Escalate material risks appropriately and ensure governance bodies receive clear, timely information.

What success looks like in the first 3–6 months

The risk framework is workable and used: clear routines, clear ownership, fewer ad‑hoc decisions.
Risk reporting is predictable and decision‑useful, with better follow‑up on remediation actions.
New initiatives are reviewed earlier, reducing late surprises and rework.
Operational resilience and third‑party risks are visible and actively managed, not discovered late.

What we’re looking for

Relevant experience running risk management in investment firms, financial services or other high‑scrutiny environments.
Strong understanding of operational risk and governance, and ability to build practical controls and reporting routines.
Comfortable producing board-level reporting (KRIs, breaches, remediation tracking) in clear, plain English.
Ability to challenge constructively: raise risks early and make trade-offs explicit.
Working knowledge of operational resilience expectations, including DORA-related themes and ICT/cyber risk coordination.
Clear written and spoken communication in English, with strong documentation discipline.
Comfortable working on site in Limassol.

How to apply

Apply with your CV (LinkedIn optional). A short note is welcome, but not required.

Risk Manager