Search by job, company or skills

Riyad Bank

Head of Technology Risk Resilience Section

Save
  • Posted 21 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Job Purpose / Role:

Lead and manage the Technology Risk Resilience function within TRD, responsible for oversight and independent challenge of the Bank's technology resilience, stability, and operational control effectiveness.

The role ensures that technology environments are resilient to disruptions through effective incident management oversight, control validation, disaster recovery readiness, and robust testing assurance across system changes and releases.

The Section Head is accountable for approving resilience risk assessments, validating control effectiveness, and ensuring that weaknesses in testing, release processes, and operational readiness are identified and addressed proactively.

The role provides forward-looking assurance on the Bank's ability to prevent, withstand, and recover from technology disruptions, and supports executive decision-making through clear articulation of resilience risks and control gaps.

Areas Of Responsibility:

  • Technology Resilience Framework & Oversight

Define and maintain the technology resilience risk framework covering incident management, control effectiveness, and operational stability.

Approve methodologies for resilience risk assessment and control validation.

Ensure alignment with regulatory expectations (SAMA ITGF, NCA) and industry standards.

Establish clear definitions and standards for resilience, availability, and recovery.

  • Incident & Problem Management Oversight

Oversee independent risk assessment of major incidents and systemic issues.

Validate root cause analysis (RCA) quality, ensuring identification of true underlying causes and control failures.

Challenge classification, prioritization, and resolution of incidents and problems.

Identify patterns, recurring issues, and systemic weaknesses across incidents.

Ensure lessons learned are properly defined, tracked, and implemented.

  • Control Effectiveness Validation

Oversee validation of design and operating effectiveness of key IT controls across:

  • Change and release management
  • Incident and problem management
  • Batch processing and scheduling
  • System monitoring and alerting

Approve control assessment outcomes and ensure consistency across TRD.

Identify control gaps, breakdowns, and weaknesses impacting system stability.

Ensure follow-up and closure of control deficiencies.

  • Testing Assurance (SIT, UAT, Regression, Performance)

Establish and approve frameworks for independent assessment of testing adequacy across system changes and releases.

Oversee evaluation of:

  • Test coverage completeness
  • Test scenario design and execution quality
  • Regression testing effectiveness
  • Performance and stress testing readiness

Challenge testing outcomes and ensure risks are identified prior to production deployment.

Validate that testing deficiencies are addressed before go-live.

  • Release & Operational Readiness Risk Assessment

Oversee risk assessment of release readiness for major deployments and system changes.

Validate readiness across:

  • Infrastructure and environment setup
  • Data migration and reconciliation
  • Monitoring and alerting mechanisms
  • Support models and escalation procedures

Challenge go-live decisions where resilience risks are not adequately mitigated.

Ensure structured stabilization monitoring post go-live.

  • Disaster Recovery (DR) & Business Continuity (BCP) Oversight

Oversee independent validation of DR and BCP readiness from a technology perspective.

Validate DR architecture, failover mechanisms, and recovery capabilities.

Assess effectiveness of DR drills and simulation exercises.

Identify gaps in recovery objectives (RTO/RPO) and execution readiness.

Ensure alignment with regulatory expectations and internal resilience targets.

  • Integration with Risk Analysis & Governance

Provide resilience risk inputs to Risk Analysis for incorporation into enterprise risk view.

Ensure integration of incident, control, and testing insights into TRD reporting.

Collaborate with Governance function to ensure accurate representation of resilience risks in dashboards and reports.

Ensure traceability of control weaknesses and incident trends across TRD outputs.

  • Stakeholder Engagement & Challenge Function

Engage with IT Operations, Technology Delivery, and BCM teams to challenge resilience practices and control effectiveness.

Represent TRD Resilience function in governance forums, including incident review boards and release committees.

Provide independent and evidence-based challenge on operational and release decisions.

Influence improvements in testing, control design, and operational practices.

  • Regulatory Compliance & Audit Readiness

Ensure resilience practices align with SAMA ITGF, NCA, and other regulatory expectations.

Support regulatory reviews and audits related to technology resilience and control effectiveness.

Approve responses related to resilience and operational risk observations.

Ensure audit readiness and defensibility of resilience assessments.

  • Continuous Improvement & Capability Development

Continuously enhance resilience frameworks, testing assurance practices, and control validation methodologies.

Promote use of analytics and automation in incident analysis and control monitoring.

Build and develop a team with strong expertise in testing, operations, and resilience engineering.

Drive a culture of proactive risk identification and continuous improvement.

Qualifications & Experience:

Minimum Qualifications:

  • Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, or related field
  • Professional certifications such as CISA, CISM, ITIL, or equivalent preferred

Minimum Experience:

  • 12+ years of experience in IT operations, technology risk, or resilience-related roles within banking or financial services
  • Strong experience in incident management, DR/BCP, testing, and control environments
  • Deep understanding of IT operational processes and system reliability principles
  • Familiarity with regulatory frameworks (SAMA ITGF, NCA)

Language:

English : Enhanced

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 150970833