Manager of Technology Risk, Information Technology. The role is responsible for leading the identification, evaluation, and mitigation of technology-related risks within a banking environment. This includes ensuring that risks across the technology landscape are recognized, assessed, and managed in line with established risk management frameworks and organizational risk appetite. The position also promotes a practical risk-conscious culture across IT operations, balancing security and compliance with business and operational priorities.

Key Responsibilities

Risk Management

• Design, implement, and maintain a comprehensive IT risk management framework aligned with industry standards and regulatory requirements, including CBO, SAMA, Basel II/III, and NIST.
• Conduct regular risk and control self-assessments (RCSA) across core banking systems, digital platforms, and technology infrastructure.
• Produce insightful technology risk reports, including key risk indicators (KRIs) and thresholds, coordinating with second-line risk teams.
• Oversee risk management for third-party vendors, cyber threats, data privacy, and operational resilience.
• Work closely with Information Security, Compliance, and Internal Audit to ensure cohesive and integrated risk practices.
• Support regulatory inquiries, audits, and assurance reviews by financial authorities and rating agencies.
• Develop and deliver risk awareness and training initiatives to enhance accountability and risk ownership across IT teams.

Leadership & Collaboration

• Lead and mentor a small team of technology risk professionals, ensuring a balance between operational needs and risk mitigation.
• Partner with IT, cybersecurity, legal, and risk teams to embed governance, risk, and compliance objectives into policies and procedures.
• Act as a strategic advisor to senior leadership on technology risk matters, offering practical solutions that consider both compliance and operational requirements.
• Serve as a primary point of contact for external stakeholders, including auditors, regulators, and industry peers.

Qualifications & Experience

Education & Certifications

• Bachelor’s degree in Information Technology, Computer Science, Risk Management, or a related field; Master’s degree preferred.
• Relevant certifications in technology and risk disciplines (e.g., GRC/Cybersecurity, ITIL, COBIT, PMP).

Professional Experience

• Minimum of 10 years in technology roles, including at least 5 years in technology risk, preferably within financial services.
• Strong background in IT disciplines beyond GRC to support informed decision-making.
• Proven ability to provide pragmatic risk guidance, balancing risk with operational needs.
• Demonstrated experience in driving cultural change and implementing best-practice risk assessment processes.

Skills & Competencies

• Strong networking, influencing, and stakeholder management skills.
• In-depth knowledge of risk management frameworks in banking and financial services.
• Excellent analytical, problem-solving, and attention-to-detail skills.
• Leadership skills with clear, concise communication abilities (oral and written).
• Creative, “out-of-the-box” thinking for problem-solving.
• Ability to drive change and deliver results under tight timelines.
• Professional demeanor with tact, flexibility, and empathy.