Manager - Operational Risk

Job Purpose:

To ensure the effective design, implementation, and maintenance of the Bank’s Operational Risk Management Framework in alignment with regulatory requirements, internal policies, and enterprise-wide standards. The role provides independent second-line oversight of key operational risk activities, including RCSA validation, control testing, KRI reporting, business continuity management, and access management through close collaboration with Risk Champions. It is also responsible for monitoring and guiding the consistent application of the Operational Risk Framework across business units and control functions to strengthen the Bank’s overall risk culture and resilience.

Reports directly to: Vice President - Operational Risk, Business Continuity Management (BCM) and Fraud Prevention (FP)

Reported to by: Officer- Quality Assurance

Duties and Responsibilities:

• Support the Bank-wide implementation of ORM program and Risk culture enhancement in all areas of Operational Risk including Business continuity Management (BCM) and Identity & Access Management (IAM).

• Drive Bank-wide implementation of the ORM policies and governance structures.

• Work closely with Project Management team to ensure early adoption of ORM/BCM/AM standards in all new Products and Processes.

• Assist the department to coordinate the bank-wide Outsourcing activities through respective policy/procedure updates in line with regulatory requirements as well as coordination of governance activities.

• Manage a team of Operational risk officers carrying out RCSA assessments, Control Testing, Incident management, Issue and Action Management, Risk Acceptance monitoring, Key Risk Indicator (KRI) bank-wide consolidation, BCM Coordination, IAM coordination.

• Conduct and coordinate a 2nd Line of defense Operational Risk reviews in various Business Units (BU) of the bank to form an assess the BU’s overall Risk and Control environment effectiveness and suggest Process improvements, possible automations that can enhance the control environment.

• Support in planning, organizing, and carrying out the control testing activities including preparations of key controls to test, plan, scheduling and assigning work and assessing estimated resources required.

• Coordinate and ensure a resolution of issues raised by regulators, external auditors, consultants and internal Auditors.

• Assist the Head of Department in Governance activities by preparing regular and ad-hoc ORM reports on Risks, Issues, Remediation Plans, Incidents, 2nd LoD Review results and Project status.

• Establish and lead the periodic Governance forums with Risk champions to provide guidance across the organization/branches to create awareness about ORM, BCM, IAM framework

• Maintain updated ORM Policies and Procedures in Line with Regulatory requirements and Industry Best practices.

• Design and deliver Bank-wide ORM risk culture enhancement program by updating training materials and delivering training through the Bank’s training platform or through in-person meetings.

• Continuously update and implement a robust enterprise-wide Business Continuity Management (BCM) framework aligned with Regulations (eg. CBUAE, NCEMA) and international standards (e.g., ISO 22301).

• Maintain awareness of CBUAE requirement updates around ORM, BCM, IAM.

• Oversee the development and maintenance of bank-wide Business Impact Analyses (BIAs), Business Continuity Plans (BCPs), IT Disaster Recovery Plans (DRPs), and Crisis Management protocols. Establish recovery time objectives (RTO) and recovery point objectives (RPO) with IT and business units

• Evaluate third-party continuity and recovery capabilities for critical service providers to ensure Bank’s BCM standards are followed.

• Provide guidance and support to departmental BCM coordinators and recovery teams.

• Review & Challenge Access Permissions and Roles and Segregation of Duties (SoD) Rules Set up for new business Applications.

• Conduct a Periodic Review of Access Permissions and Roles of bank’s critical Business Applications to identify toxic access combinations and detect unauthorized permissions.

• Review and Approval of Access Change requests.

• Ensure that IAM risks and controls are Integrated into bank-wide RCSAs & KRIs and are periodical monitor and challenge their assessments

• Carry out other tasks as and when required in consultation with the Head of Operational Risk, Business Continuity Management & Fraud Prevention

Education:

• Bachelor’s or master’s degree in finance, Risk Management or Business Administration.

Professional / Technical Qualifications / Diplomas – will be considered as advantage.

• Risk Management related certification

• Business Continuity Management related certifications

• Certifications in ISO 22301, BS 2599, ISO 31000 and other relevant certifications

Experience:

• Minimum of 7 years in Banking, of which at least 3 years working in Operational Risk (ORM) / Business Continuity Management (BCM) / Identity & Access Management (IAM) / Controls and Governance fields.

Other Skills Required for the Job:

- People: Proven ability to lead, mentor, and develop high-performing teams within a risk management environment. Be open to others’ views and effectively manage potential conflicts.

- Analytical: Excellent Analytical skills and attention to details

- Communication: Strong verbal and written communication skills.

- Teamwork: Balances team and individual responsibilities. Gives and welcomes feedback, Contribute to building a positive team spirit and put success of team ahead of own interests