Risk Director

Please note that this job is open only to Qatari Nationals.

Job Purpose:

The Risk Director is responsible for establishing and maintaining a robust Enterprise Risk Management (ERM) framework that ensures the organization operates with integrity, resilience, and compliance. The role oversees the identification, assessment, monitoring, and mitigation of risks across strategic, operational, financial, and compliance dimensions. The Director partners with executive leadership to align risk appetite with institutional priorities, embed a culture of accountability, and strengthen business continuity. This position is central to ensuring that decision-making is data-driven, governance-aligned, and proactive in managing uncertainty.

Roles and Responsibilities:

• Design, implement, and continuously refine the organization’s ERM framework, ensuring alignment with best practices and regulatory requirements.
• Define and maintain the organization’s risk appetite and tolerance levels in coordination with the CEO and Executive Management.
• Integrate risk management principles into strategic planning, budgeting, and performance frameworks.
• Develop risk management policies, methodologies, and tools that promote consistency and transparency.
• Regularly review and enhance risk governance structures, reporting processes, and escalation protocols.
• Conduct comprehensive risk assessments across all functional areas—including strategic, operational, financial, reputational, legal, and technology domains.
• Maintain an enterprise-wide risk register that tracks risk ownership, exposure, and mitigation progress.
• Analyze risk trends, root causes, and emerging threats, presenting actionable insights to senior management and the Board.
• Facilitate quarterly risk reviews and coordinate with departmental risk champions to monitor compliance with mitigation plans.
• Establish clear metrics and reporting dashboards to evaluate the effectiveness of controls and risk responses.
• Oversee compliance with internal policies, legal frameworks, and applicable regulatory standards.
• Partner with Internal Audit, Legal, and Finance to ensure alignment across assurance activities and control mechanisms.
• Evaluate the design and effectiveness of internal controls, ensuring timely implementation of audit recommendations.
• Oversee risk assessments of vendors, contractors, and third parties to mitigate exposure from external dependencies.
• Report significant compliance and control issues to the CEO and Audit & Risk Committee with corrective action plans.
• Develop and lead the organization’s business continuity and disaster recovery frameworks.
• Identify critical processes, systems, and assets essential for continued operation during disruptions.
• Conduct regular drills, simulations, and readiness assessments to ensure operational resilience.
• Coordinate crisis management responses, ensuring clarity of communication and rapid recovery.
• Lead post-incident reviews to capture lessons learned and embed improvements into continuity planning.
• Establish governance mechanisms for risk oversight at executive and departmental levels.
• Prepare and deliver regular risk reports, dashboards, and heat maps for the CEO, Audit & Risk Committee, and Board.
• Build a risk-aware culture by providing training, guidance, and awareness programs across the organization.
• Serve as a trusted advisor to senior management, balancing risk mitigation with strategic opportunity.
• Promote proactive, accountable, and data-informed risk management practices at all levels.

Job Qualification & Requirements:

• Bachelor’s degree in risk management, Finance, Economics, or a related field; Master’s degree preferred.
• Minimum of 15 years of experience in enterprise risk, audit, or compliance, including at least 6 years in a leadership role.
• Professional certification required (FRM, CRM, CIA, CISA, or equivalent). Proven record of developing and implementing enterprise risk frameworks and business continuity programs. Strong understanding of governance, regulatory compliance, internal control systems, and assurance methodologies.