وظيفة رئيس قسم حوكمة مخاطر التقنية لدى بنك الرياض في الرياض

Job Purpose / Role:

Lead and manage the Technology Risk Governance function within TRD, responsible for establishing, maintaining, and enhancing the Bank’s technology risk governance framework, policies, methodologies, and reporting mechanisms.

The role ensures that technology risk is governed through a structured, consistent, efficient and forward-looking framework aligned with regulatory expectations and business objectives. The Section Head is accountable for approving risk methodologies, endorsing risk positions, and delivering executive-level risk reporting, while ensuring integration of risk insights across incidents, control assessments, and transformation initiatives.

The role acts as the central authority for technology risk governance, promoting risk culture within organization, providing independent oversight, enabling effective decision-making, and ensuring that technology risk exposures are clearly articulated, monitored, and escalated across the Bank.

Areas Of Responsibility:

• Technology Risk Governance Framework & Policies

Define, maintain, and continuously enhance the Bank’s technology risk governance framework, ensuring alignment with regulatory requirements (SAMA ITGF, NCA) and industry best practices.

Approve technology risk policies, standards, methodologies, and procedures across TRD.

Ensure consistent application of governance standards across all technology risk domains.

Establish clear risk taxonomy, definitions, and classification standards.

• Risk Methodology, Standards & Control Validation

Approve methodologies for technology risk assessment, RCSA challenge, and control evaluation.

Ensure robust frameworks for operating effectiveness testing of IT controls.

Validate consistency and quality of risk assessment outputs across TRD functions.

Oversee definition and validation of KRIs, KPIs, and technology risk metrics.

• Enterprise Risk Aggregation & Reporting

Own and approve enterprise-level technology risk dashboards and reporting for senior management and Board Committees.

Consolidate risk inputs across TRD pillars into a coherent and forward-looking Enterprise level risk view.

Ensure clear articulation of top technology risks, systemic risks, and emerging exposures.

Validate completeness, accuracy, and integrity of risk data used for reporting.

• Risk Intelligence & Data Integration

Establish and oversee integration of multiple risk data sources, including incidents, audits, KRIs, and assessments.

Drive development of forward-looking risk intelligence capabilities and analytics.

Identify systemic and cross-initiative risks that may not be visible at individual project levels.

Ensure risk insights are actionable and support executive decision-making.

• Lifecycle Governance & Oversight Integration

Ensure governance frameworks support lifecycle-based technology risk oversight across design, build, testing, deployment, and stabilization.

Validate that risk governance requirements are embedded in transformation initiatives and change processes.

Ensure consistency in governance practices across project and operational environments.

Approve governance mechanisms for participation in project review forums and decision-making bodies.

• Stakeholder Engagement & Governance Forums

Represent TRD Governance function in enterprise governance forums, including risk committees and project governance structures.

Engage with CIO, CTO, BT and Business stakeholders to ensure alignment on technology risk governance expectations with technology operations.

Coordinate with Cyber Security, Operational Risk, Compliance, and Internal Audit to ensure integrated risk governance.

Provide authoritative awareness and guidance on technology risk governance matters across the Bank.

• Regulatory Compliance & Audit Readiness

Ensure governance framework and practices comply with SAMA ITGF, NCA, and other regulatory requirements.

Oversee preparation for regulatory reviews and audits related to technology risk governance.

Approve responses to regulatory observations and audit findings related to TRD governance.

Drive continuous enhancement of governance practices in line with regulatory expectations.

• TRD Reporting Ownership & Quality Assurance

Own TRD-wide reporting standards, templates, and quality controls.

Approve all executive-level technology risk reports before submission.

Ensure consistency, clarity, and professionalism in all TRD communications.

Establish and enforce quality assurance mechanisms for TRD outputs.

• Continuous Improvement & Capability Development

Continuously enhance governance frameworks, tools, and reporting capabilities.

Identify and execute opportunities for automation and optimization of risk management, reporting and analytics

Build and develop governance team capabilities in line with evolving technology risk landscape.

Promote a culture of accountability, consistency, and excellence in governance practices.

Qualifications & Experience:

Minimum Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Information Systems, Engineering, or related field
• Professional certifications such as CISA, CISM, CGEIT, or equivalent preferred

Minimum Experience:

• 12+ years of experience in technology risk, IT governance, or risk management within banking or financial services
• Strong experience in governance frameworks, risk reporting, and regulatory compliance
• Deep understanding of SAMA ITGF, NCA, and relevant international standards

Language:

English: Enhance