IDB2446 - Technology, Risk and Assurance Officer

Business Unit: Administration Complex
Division: Not Applicable
Department: Information Management and Disruptive Technology Department
Country: Saudi Arabia
Location: Saudi Arabia - Jeddah
Closing date: 28-Mar-2020


To perform, and establish standards and frameworks for, technology risk management activities, technology assurance, resilience, and quality management across IMDT’s remit and continuously improve their practices to ensure IMDT services delivery availability and sustainability.


  • Establish and maintain the technology assurance framework, standards, supporting guidelines and processes to enable IsDB to manage technology and information risks in adherence to the business strategy, IsDB Internal Audit and Risk Management frameworks, and methodologies.
  • Conduct technology risk assessments to identify, assess, mitigate, and manage technology-related risks to initiate appropriate actions and projects.
  • Establish and maintain the policies of internal IMDT audits and disaster recovery, IMDT control test framework across the scope of relevant IMDT policies and standards, adopting a risk-based approach for the frequency and testing of controls to align with IsDB overall operational risk model and assurance practices.
  • Execute controls effectiveness testing across the key control objectives, solve any conflicts that might occur during the process, identify the outcomes, document the impact of controls weaknesses with remedy requirements to proactively ensure IMDT services delivery compliance.
  • Establish and maintain IMDT standards and processes to ensure adherence to applicable legal, regulatory and contractual requirements.
  • Oversee in IMDT-wide quality assurance activities (especially safeguarding all information and results released during the assurance testing process ensuring only designated individuals have access) to identify compliance gaps, ensure expectations are consistently achieved across IMDT responsibilities, and any issues are identified and resolved through corrective actions and in a timely manner.
  • Support the internal and external audit activities by arranging all necessary meetings between the external auditor(s) and concerned IMDT divisions, providing the appropriate access to the data and systems where necessary, investigating the root cause of non-compliances, and reporting all internal and external testing and auditing results to management supporting the overall IsDB annual compliance and audit plans.
  • Identify recurring patterns of non-compliance, providing recommendations for technical/procedural solutions, enhancements, policy/standards improvements and other remedies requirements.
  • Define and maintain IsDB’s resilience capabilities across disaster recovery, backup and restoration, and IT crisis management; with appropriate standards, guidelines, and procedures for applications and infrastructure to ensure that systems can be reinstated in a timely and integral manner in the event of a disaster scenario.
  • Manage third-party providers for capabilities related to disaster recovery, backup and restoration, and IT crisis management ensuring that IsDB requirements are appropriately met and reporting is provided on a periodic basis.
  • Coordinate with business continuity to identify disaster recovery requirements, risks, mitigation plans, and alignment; perform resilience test activities including drills, simulations, and table-top exercises and ensures findings are addressed on a timely basis.
  • Exercise disaster recovery plans in mock scenarios or the form of organized tests, reports and presents mock scenarios and tests findings to IMDT management to proactively ensure disaster recovery plans are workable and to avoid unexpected crises.
  • Plan, organize and conduct technology assurance and resilience awareness initiatives within IMDT and Regional Hubs.


Academic Qualifications:

  • Bachelor’s degree in Computer Science, IT or similar field with 3 years experience in IT environment OR
  • Masters degree in Computer Science, IT or similar field with 2 years experience in IT environment.


  • 2 years of experience in an IT environment with resilience, disaster recovery, business continuity, technology risk, assurance, Cyber security, quality management and IT controls assurance and tools experience

Skills and Necessary Knowledge:

  • Technology risks, controls, and resilience skills 

  • Cybersecurity  

  • SOC implementation 

  • Change management 

  • Communication skills 

  • Conceptual thinking 

  • Strong knowledge of IT functions and services 

  • Analytical thinking and problem solving 

  • Information Technology Infrastructure Library


Core/ Behavioural

  • Adaptability
  • Teamwork
  • Client Centricity and Stakeholder Management
  • Motivation to Learn and Share Knowledge
  • Drive for Results


  • Change & Transition Management
  • Solutions and Result Management
  • Innovation and Future Orientation
  • Leadership and People Management
  • International and Multicultural Collaboration
  • Communication and Partnership


  • Bank Knowledge
  • Business Process Knowledge
  • Policies and Procedures