Senior Officer Operational Risk

Job Purpose:

The role supports the effective implementation and ongoing maintenance of the Bank's Operational Risk Management Framework in line with regulatory requirements, internal policies, and enterprise-wide standards. It contributes to second-line oversight activities, including assisting in RCSA assessments, supporting control testing, preparing KRI reports, and coordinating with business units on business continuity and access management matters. The position ensures consistent application of the Operational Risk Framework across the organization, promoting risk awareness, strengthening controls, and enhancing overall operational resilience.

Duties and Responsibilities:

Operational Risk Framework & Risk Culture

Support the implementation of the Bank's Operational Risk Management (ORM) program across business and support units, including activities related to Business Continuity Management (BCM) and Identity & Access Management (IAM).

Assist in promoting and embedding a strong operational risk culture by raising awareness, sharing best practices, and supporting training initiatives for ORM, BCM, and IAM.

Maintain detailed tracking and monitoring of all ORM activities, ensuring accuracy, completeness, and timely escalation of issues.

Policies, Governance & Regulatory Alignment

Assist in the periodic update of ORM policies, procedures, and guidelines to ensure alignment with regulatory requirements (e.g., CBUAE, NCEMA), industry standards, and internal governance expectations.

Support preparation of regular and ad-hoc ORM reports, MIS, and dashboards for governance committees and senior management.

Provide support in coordinating governance forums with Risk Champions and following up on required actions and awareness sessions. Risk & Control Assessments (RCSA)

Support business and support units in identifying risks and controls for significant processes and facilitate RCSA exercises as required. Conduct due-diligence reviews of RCSA submissions, ensuring quality, accuracy, and consistency in risk and control assessments. Help ensure IAM and BCM-related risks and controls are appropriately captured in RCSAs and monitored regularly.

Control Testing & Monitoring

Assist in planning and executing second-line control testing activities, including preparing test samples, scheduling assessments, and documenting results.

Follow up on issues raised from control testing, audits, and regulatory reviews, tracking remediation plans and ensuring timely closure.

Operational Risk Incidents, Losses & KRIs

Ensure timely reporting and documentation of operational risk incidents (financial and nonfinancial) in accordance with internal guidelines.

Monitor loss data submissions from business units and maintain the Operational Risk Register accurately.

Support consolidation, review, and reporting of Key Risk Indicators (KRIs), ensuring timely escalation of threshold breaches.

Business Continuity Management (BCM)

Assist in the maintenance and periodic review of Business Impact Analyses (BIAs), Business Continuity Plans (BCPs), Disaster Recovery Plans (DRPs), and related documentation.

Coordinate with departmental BCM coordinators to track testing schedules, ensure documentation upkeep, and support crisis management exercises.

Support reviews of third-party continuity capabilities for critical outsourced service providers, ensuring compliance with BCM standards.

Identity & Access Management (IAM)

Support periodic reviews of access permissions and roles for critical business applications, identifying potential toxic combinations or unauthorized access.

Assist in evaluating Segregation of Duties (SoD) controls, capturing related risks, and following up on remediation.

Review access change requests in line with defined procedures and escalate deviations where needed.

New Products, Processes & Projects

Work closely with the Project Management team to support early integration of ORM/BCM/IAM requirements in new products, systems, and processes.

Assist in reviewing policies and procedures submitted by business units from an operational risk perspective and recommend control enhancements.

Stakeholder Coordination & Issue Management

Support coordination of outsourcing governance activities, ensuring documentation, assessments, and regulatory requirements are up to date.

Assist in follow-ups with business units for timely closure of audit findings, risk issues, and action plans.

Collaborate with internal audit, compliance, IT, and other control functions to support integrated risk reviews.

Training, Awareness & System Support

Contribute to the development and delivery of operational risk and BCM training sessions and workshops as part of the annual awareness plan.

Support maintenance and updates of ORM tools, systems, and reporting platforms; assist users in understanding system features and functionalities.

General & Ad-Hoc Responsibilities

Prepare accurate MIS, dashboards, and analytical reports from available risk data.

Build and maintain effective working relationships with business units and support functions to strengthen risk awareness and collaboration.

Undertake additional operational riskrelated tasks assigned by the Manager Operational Risk or senior management.

Education:

Bachelor's or master's degree in finance, Risk Management or Business Administration.

Professional / Technical Qualifications / Diplomas will be considered as advantage.

Risk Management related certification

Business Continuity Management related certifications

Certifications in ISO 22301, BS 2599, ISO 31000 and other relevant certifications

Experience

Minimum of 2 years in Banking, of which at least 1 years working in Operational Risk (ORM) / Business Continuity Management (BCM) / Identity & Access Management (IAM) / Controls and Governance fields.

Other Skills Required for the Job:

- People: Proven ability to lead, mentor, and develop high-performing teams within a risk management environment. Be open to others views and effectively manage potential conflicts.

- Analytical: Excellent Analytical skills and attention to details - Communication: Strong verbal and written communication skills. - Teamwork: Balances team and individual responsibilities. Gives and welcomes feedback, contribute to building a positive team spirit and put success of team ahead of own interests.