Risk Management Consultant
4 days ago
Job Summary
The IT GRC & Risk Management Lead is responsible for establishing, implementing, and maintaining the organization's IT Governance, Risk Management, and Compliance (GRC) framework. This role ensures the organization's IT operations and services are aligned with business objectives, manage risks effectively, and comply with all relevant internal policies, legal/regulatory requirements, and industry best practices, including ISO 20000, ISO 22301, COBIT, and ITIL.
Key Responsibilities
1. Governance & Strategy (COBIT, ITIL Alignment)
- Develop and maintain the IT GRC framework, policies, and standards, ensuring alignment with enterprise goals and risk appetite, primarily leveraging COBIT for IT Governance.
- Define and implement IT Service Management (ITSM) governance and processes in line with the ITIL framework (e.g., Service Strategy, Design, Transition, Operation, and Continual Service Improvement).
- Coordinate with key stakeholders to establish IT governance committees and facilitate regular meetings to review GRC-related policies, procedures, and performance.
- Oversee the development of metrics, dashboards, and Key Performance Indicators (KPIs) to monitor the effectiveness of IT governance and service management processes.
2. Risk Management (Enterprise and IT Risk)
- Establish and maintain a structured IT Risk Management program, including the methodology for risk identification, assessment, quantification, treatment, and monitoring.
- Conduct periodic IT risk assessments, threat modeling, and business impact analysis to identify potential vulnerabilities and threats to IT assets and services.
- Maintain the Enterprise Risk Register for IT-related risks and ensure that mitigation and remediation plans are developed, assigned, and tracked to closure.
- Embed risk-aware decision-making into IT operational and strategic planning processes.
3. Compliance & Audit Management (ISO 20000, ISO 22301, Regulatory)
- Lead the implementation and maintenance of management systems for ISO/IEC 20000 (Service Management System - SMS) and ISO 22301 (Business Continuity Management System - BCMS).
- Ensure ongoing compliance with internal controls, external regulatory requirements, and industry standards (e.g., GDPR, HIPAA, SOC 2, ISO 27001, etc.).
- Manage the lifecycle of internal and external audits (including ISO certification audits) related to GRC, risk, and service management.
- Oversee the development and tracking of Corrective Action Plans (CAPs) resulting from audit findings, risk assessments, and compliance gaps.
4. Policy, Procedure, and Training
- Write, review, and update GRC-related technical policies, standard operating procedures (SOPs), and guidelines.
- Develop and deliver GRC and risk awareness and training programs for all employees to promote a culture of compliance and risk management.
- Oversee the documentation and maintenance of control matrices and evidence artifacts required for compliance reporting.
5. Certifications (Preferred)
One or more of the following:
- CRISC (Certified in Risk and Information Systems Control)
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
- CGEIT (Certified in the Governance of Enterprise IT)
- ITIL v4 Foundation or higher (e.g., ITIL Managing Professional)