وظيفة رئيس قسم مخاطر التحول الرقمي لدى بنك الرياض في الرياض

Job Purpose / Role:

Lead and manage the Digital & Transformation Risk function within TRD, responsible for independent oversight, assessment, and challenge of technology risks arising from the Bank’s digital and transformation initiatives.

The role ensures that risks associated with large-scale technology programs such as core banking modernization, data and AI initiatives, cloud adoption, API enablement, and DevOps transformation are proactively identified, rigorously assessed, and effectively governed across the full lifecycle.

The Section Head is accountable for approving transformation risk assessments, validating architecture and execution risks, and ensuring that risks to business value, delivery outcomes, and operational stability are clearly articulated and addressed.

The role provides forward-looking insights on emerging technology risks, supports executive decision-making, and ensures that transformation initiatives are delivered in a controlled, resilient, and value-aligned manner.

Areas Of Responsibility:

• Transformation Risk Oversight (End-to-End Lifecycle)

Lead and approve risk assessment and challenge across transformation initiatives throughout the lifecycle: design, build, testing, deployment, and stabilization.

Ensure early engagement in programs to identify risks at architecture and design stages.

Validate completeness and rigor of risk coverage across all phases of delivery.

Ensure continuous oversight rather than point-in-time review.

• Architecture, Design & Integration Risk

Approve risk assessments related to solution architecture, system design, and integration models.

Challenge architectural decisions, including:

• Core banking and platform selection
• Integration patterns (APIs, middleware, event streaming)
• Data architecture and flows

Identify risks arising from system dependencies, coupling, and integration complexity.

Ensure resilience, scalability, and future-proofing considerations are adequately addressed.

• Data, AI & Advanced Analytics Risk

Oversee risk assessment of data platforms, data pipelines, and analytics solutions.

Establish and approve frameworks for AI-related risks, including:

• Design risk and model deployment risk
• Data sufficiency and data quality risk
• Data leakage and privacy risk

Compliance with regulatory requirements (SAMA, SDAIA, PDPL).

Ensure data integrity across transformations, including migration, mapping, and reconciliation.

Validate controls around data governance, lineage, and usage.

• DevOps, Engineering & Release Transformation Risk

Oversee risk assessment of DevOps adoption, CI/CD pipelines, and engineering practices.

Validate controls around:

• Code quality and peer reviews
• Deployment automation and configuration management
• Release governance and approvals

Identify risks related to rapid change velocity and insufficient control coverage.

Ensure prevention of untested or misconfigured code reaching production.

• Cloud, Infrastructure & Platform Risk

Oversee risk assessment of cloud adoption and infrastructure modernization initiatives.

Validate architecture, security dependencies (in coordination with Cyber), and operational risks.

Identify risks related to scalability, availability, and vendor dependency.

Ensure alignment with regulatory requirements and internal standards.

• Execution, Delivery & Program Risk

Assess risks related to program execution, including:

• Resource adequacy and skill gaps
• Vendor dependencies and delivery risks
• Timeline, scope, and complexity risks

Challenge program assumptions and execution strategies.

Ensure risks are clearly articulated and escalated through governance forums.

• Value Realization & ROI Risk

Assess risks to expected business value and return on investment from transformation initiatives.

Identify gaps between planned outcomes and execution realities.

Provide independent insights on value-at-risk arising from delays, design issues, or control weaknesses.

Support executive decision-making on prioritization and risk acceptance.

• Governance Forums & Stakeholder Engagement

Represent TRD in strategic governance forums, including Project Review Teams (PRTs), Steering Committees, and executive forums.

Engage with CIO, CTO, CDO, and Transformation leadership to provide independent challenge and insights.

Influence key decisions through clear articulation of risks and trade-offs.

Ensure TRD perspectives are integrated into program governance.

• Integration with TRD Functions

Ensure alignment of transformation risk outputs with Risk Analysis, Governance, and Resilience functions.

Provide structured inputs for enterprise risk reporting and dashboards.

Ensure traceability of transformation risks across TRD outputs.

Collaborate to provide a unified and consistent risk view.

• Regulatory Compliance & Audit Readiness

Ensure transformation risk practices align with SAMA ITGF, NCA, and other regulatory expectations.

Support regulatory reviews and audits related to transformation initiatives.

Approve responses to regulatory observations related to digital and technology transformation.

Ensure defensibility of risk positions and assessments.

• Continuous Improvement & Capability Development

Continuously enhance frameworks and methodologies for transformation risk assessment.

Identify emerging risks in new technologies and digital capabilities.

Build and develop a team with expertise across architecture, data, cloud, and engineering.

Promote forward-looking, proactive risk management practices.

Qualifications & Experience:

Minimum Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Information Systems, Engineering, or related field
• Professional certifications such as CISA, CISM, CGEIT, TOGAF, or equivalent preferred

Minimum Experience:

• 12+ years of experience in technology, digital transformation, or technology risk within banking or financial services
• Strong experience in large-scale transformation programs (core banking, data, cloud, APIs)
• Deep understanding of modern technology architectures and delivery models
• Familiarity with regulatory frameworks (SAMA ITGF, NCA, SDAIA, PDPL)

Language:

English; Advance