
IT Risk Management
Role Purpose
Responsible for identifying, assessing, monitoring, and reporting IT and Cyber risks to ensure regulatory compliance and protect the bank’s technology environment in alignment with enterprise risk management.
Key Responsibilities
• Develop and maintain IT Risk Management Framework and IT Risk Register
• Define and monitor IT Risk Appetite and KRIs
• Conduct IT & Cyber risk assessments across applications, infrastructure, cloud, cybersecurity, and third parties
• Perform inherent and residual risk analysis
• Ensure compliance with:
  • Saudi Central Bank Cybersecurity Framework (CSF)
  • National Cybersecurity Authority Essential Cybersecurity Controls (ECC)
  • International Organization for Standardization ISO 27001
  • ISACA COBIT
  • PCI Security Standards Council PCI-DSS
• Monitor remediation plans and control effectiveness
• Prepare IT Risk reports for Senior Management, Risk Committee, and Board
• Manage third-party IT risk assessments
• Support internal and regulatory audits
Requirements
• 8+ years IT / Cyber Risk experience
• Banking or financial services experience (KSA preferred)
• Strong regulatory exposure (SAMA CSF / NCA ECC)
• Experience managing IT Risk Register
• Experience with GRC tools (Archer, ServiceNow GRC, MetricStream, AuditBoard)
• Certifications preferred: CISA, CISM, CRISC, CISSP
Must Have
• Banking IT risk experience
• Regulatory audit exposure
• Strong risk assessment background
• Professional certification (CISA/CISM/CRISC/CISSP)
Requirements
- 8+ years IT / Cyber Risk experience
- Banking or financial services experience (KSA preferred)
- Strong regulatory exposure (SAMA CSF / NCA ECC)
- Experience managing IT Risk Register
- Experience with GRC tools (Archer, ServiceNow GRC, MetricStream, AuditBoard)
- Professional certification (CISA/CISM/CRISC/CISSP)
- Banking IT risk experience
- Regulatory audit exposure
Nice to Have
- Certifications: CISA, CISM, CRISC, CISSP
Responsibilities
- Identify, assess, monitor, and report IT and Cyber risks
- Ensure regulatory compliance
- Develop and maintain IT Risk Management Framework and IT Risk Register
- Define and monitor IT Risk Appetite and KRIs
- Conduct IT & Cyber risk assessments
- Perform inherent and residual risk analysis
- Ensure compliance with SAMA CSF, NCA ECC, ISO 27001, COBIT, PCI-DSS
- Monitor remediation plans and control effectiveness
