Senior Manager Operational Risk It

Job description / Role

Role purpose

To provide independent oversight and effective challenge to the technology risk profile across the bank. The role ensures that IT and cyber risks are identified, assessed, monitored, and reported in line with the operational risk management framework and Sharia-compliant banking practices.

Key accountabilities of the role

• Oversee the identification, assessment, and management of all technology-related risks across all business and support units in ADIB in line with the bank's approved operational risk management framework.
• Early identification of emerging technological risks such as artificial intelligence (AI), machine learning (ML), digital assets, etc.
• Provide independent and critical challenge to the first line (IT, information security, and digital banking) on risk assessments, control design, and remediation actions.
• Act as GORM SPOC in IT-related committees/boards such as Change Advisory Board to assess potential risks related, but not limited to, system changes, cloud adoption, digital transformation, mobile enhancement, infrastructure upgrades, etc.
• Oversee and ensure the effective implementation and sanity of the bank's GRC system.
• Review and challenge technology-related key risk indicators (KRIs), risk acceptances, and risk and control self-assessments (RCSAs).
• Evaluate the effectiveness and design of controls related to technology risks.
• Monitor technology operational risk and fraud incidents, perform root cause reviews, and ensure timely closure of corrective actions.
• Track regulatory and audit issues related to technology risks and ensure risk governance is followed in their resolution.
• Contribute to the risk reporting submitted to senior management, management risk committee, board risk committee in addition to ad hoc reporting.
• Support scenario analysis for cyber and IT failure events, including business continuity and operational resilience elements.
• Maintain knowledge of UAE regulatory requirements (e.g., CBUAE, NESA), and global frameworks (e.g., NIST, ISO 27001, COBIT).
• Collaborate with business operational risk managers (BORMs) and the compliance, IT, InfoSec, and internal audit teams.
• Work on a minimum governance standard for platforms owned by operational risk and fraud management.

Specialist skills / technical knowledge, technical competencies required for this role

• Strong understanding of operational risk frameworks and governance.
• Broad knowledge of Islamic banking principles and products.
• Broad knowledge of current and emerging technologies, trends, and hypes.
• Ability to apply logical and critical thinking.
• Excellent analytical, communication, and report-writing skills.
• Strong stakeholder management and influencing skills.

Previous experience

• 10+ years in IT risk, cyber risk, or technology-related risk function in financial institutions.
• Experience with control frameworks such as NIST CSF (cyber security), ISO 27001 (information security management), or COBIT (IT governance).
• Experience with GRC system and structure.
• Good knowledge of operational and fraud risks associated with technology and systems.