Principal Duties and Responsibilities:
- Assist the systems risk unit manager in the development and implementation of the IT Risk Management Framework.
- Ensure technology controls sufficiently protect against business risk through the application of the Technology Risk & Control framework.
- Assess the various information technology risks that the business faces in its operations and implement action plans, policy and procedural changes for risk avoidance and mitigation.
- Identify risks associated with the use, ownership, operation, involvement, influence and adoption of IT in the organization.
- Conduct in-depth information technology risk assessments including identifying and documenting controls, creating detailed process flows, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation.
- Track action steps and ensure that findings are mitigated appropriately and in a timely manner.
- Conduct readiness reviews over large information technology development projects ensuring appropriate systems development lifecycle methodologies are being applied and followed.
- Participate in and provide IT risk-related feedback and input during the selection of new technologies, products and vendors.
- Review third party technology vendors and contracts to ensure appropriate controls are in place and functioning effectively.
- Conduct risk assessment for IT projects and application selection.
Minimum Requirements:
- Hands-on experience in applying the Technology Risk & Control framework.
- At least 5 years of overall experience in the related areas, specifically experience in:
- Performing risk assessments, control testing/analysis of financial and e-commerce systems for at least 2 years.
- Performing risk assessments of new system or technology acquisition and various types of SDLC projects for at least 2 years.
- Analysis of incidents and system changes from a risk perspective and related recommendations & reporting.
- Identifying key motivators for Risk Assessment needs.
- IT Asset classification, characterization and prioritization.
- Handling scheduled and unscheduled assignments.
- Preparation of IT Risk Management policies and procedures in compliance with regulatory needs and international best practices.
- Continuous risk monitoring of IT assets and reporting to System Risk manager.
- Communicating with various business and IT teams in order to discuss identified risks, finalize assessment reports and control recommendations.
- Good understanding of the banking industry.
- Knowledge and understanding of technologies and systems used in the financial sector / banks.
- Knowledge of core banking systems, such as T24 and others.
- Understanding of Information Security frameworks will be an added advantage.
- Significant analytical and critical thinking skills.
- An IT/Business graduate; related certifications (CRISC, CISM, CISSP, CISA, etc.) will be a plus.
- Understanding of the COSO internal controls framework, ISO and ISACA’s IT Risk Management frameworks.
About The Company:
Saudi Networkers Services: Founded in late 2001, SNS was initially established as a joint venture between Networkers International (Networkers MSB), a UK-based company, and Saudi Networkers Services, a Saudi-based company.
- SNS has more than 1,600 employees across the MENA region.
- SNS is an ISO 9001 certified company.
- SNS has reached 380 contractors to date in KSA alone.
- Extensive database of 70,000+ active professional candidates.
- Experienced in our field, with more than 8 years in this business.