Banking GRC Expert - SME
Riyadh, Riyadh, Saudi Arabia
Full Time
Experienced
Banking GRC Expert – Subject Matter Expert (SME)
Location: Riyadh, KSA
Role Overview
The Banking GRC Expert will act as a trusted advisor and Subject Matter Expert (SME) for Governance, Risk, and Compliance across the Bank. This role is accountable for ensuring full alignment with SAMA regulations, NCA cybersecurity standards, and other applicable Saudi regulatory frameworks.
The incumbent will lead the design, implementation, and continuous enhancement of an integrated GRC framework that supports regulatory compliance, operational resilience, digital transformation, and sustainable business growth. This role interfaces extensively with senior management, Board Committees, regulators, and internal audit functions.
Key Responsibilities
1. Regulatory Governance & Strategic Advisory
2. Enterprise Risk Management & Resilience
3. Compliance, Audit & Regulatory Engagement
4. Advisory, Enablement & Risk Culture
Required Qualifications & Experience
Education
Location: Riyadh, KSA
The Banking GRC Expert will act as a trusted advisor and Subject Matter Expert (SME) for Governance, Risk, and Compliance across the Bank. This role is accountable for ensuring full alignment with SAMA regulations, NCA cybersecurity standards, and other applicable Saudi regulatory frameworks.
The incumbent will lead the design, implementation, and continuous enhancement of an integrated GRC framework that supports regulatory compliance, operational resilience, digital transformation, and sustainable business growth. This role interfaces extensively with senior management, Board Committees, regulators, and internal audit functions.
1. Regulatory Governance & Strategic Advisory
- SAMA Regulatory Leadership:
Serve as the Bank’s primary SME for SAMA Banking Rules, Circulars, and supervisory expectations, including:- SAMA Cybersecurity Framework (CSF)
- SAMA IT Governance Framework
- SAMA Risk Management & Compliance guidelines
- GRC Framework Design:
Design, implement, and maintain an enterprise-wide GRC framework integrating:- Corporate Governance
- Enterprise Risk Management (ERM)
- Regulatory Compliance
- Board & Executive Reporting:
Prepare executive-level dashboards, risk heatmaps, and compliance reports for:- Board Risk Committee
- Audit Committee
- Executive Management
- ERM Leadership:
Lead identification, assessment, and mitigation of:- Operational Risk
- Credit Risk
- Strategic & Emerging Risks
- Digital & Technology Risk:
Oversee risk assessments for:- Digital banking initiatives
- Fintech partnerships
- Cloud, data, and emerging technologies
Ensure compliance with SAMA consumer protection and data privacy requirements.
- KRI & Risk Register Management:
Define and monitor Key Risk Indicators (KRIs) and maintain an up-to-date enterprise Risk Register aligned with the Bank’s risk appetite.
- NCA Compliance Oversight:
Ensure compliance with:- NCA Essential Cybersecurity Controls (ECC)
- Critical Systems Cybersecurity Controls (CSCC)
- Regulatory Gap Assessments:
Conduct periodic gap analyses, thematic reviews, and regulatory readiness assessments; oversee remediation plans and closure of findings. - Regulatory & Audit Liaison:
Act as the primary interface for:- SAMA inspections
- External auditors
- Internal audit reviews
Ensure timely and effective resolution of all supervisory observations.
- Subject Matter Advisory:
Provide expert guidance to business and technology teams on:- AML / CFT regulations
- Basel III / IV frameworks
- Sharia compliance (where applicable)
- Risk Culture & Awareness:
Champion a strong risk-aware culture through:- Targeted training programs
- Executive workshops
- Policy awareness initiatives
Education
- Bachelor’s degree in Finance, Risk Management, Law, Information Systems, or related discipline
- Master’s degree / MBA preferred
- 10–15 years of progressive experience in Banking GRC, preferably within KSA or the GCC
- Demonstrated experience engaging with SAMA, NCA, and regulatory audits
- Strong exposure to digital banking and technology risk environments
- CRISC – Certified in Risk and Information Systems Control
- CGEIT – Certified in Governance of Enterprise IT
- CAMS – Certified Anti-Money Laundering Specialist
- CISA – Certified Information Systems Auditor
- SAMA / Financial Academy Professional Certifications (e.g., Compliance Foundations)
- Expert-level understanding of:
- SAMA regulations and supervisory expectations
- NCA cybersecurity frameworks
- CMA regulations (as applicable)
- Strong executive presence and stakeholder management capability
- Ability to influence C-suite and Board-level discussions
- Excellent analytical, presentation, and documentation skills
- Bilingual proficiency in Arabic and English
Apply for this position
Required*