IBM Hardware and Software products play a huge role in increasing the efficiency and profitability of businesses.
SBM provides complete services that empower businesses to achieve and exceed requirements..
IT Risk Manager
Position Title: IT Risk Manager
Job Location: Saudi Arabia
Job Type: Full Time
Job Summary & Requirements:
The IT Risk Manager is responsible for identifying, evaluating, and mitigating risks related to the organization’s information technology systems. This role requires in-depth knowledge of IT risk frameworks, cybersecurity threats, regulatory requirements, and best practices. The IT Risk Manager works closely with IT, security, and business teams to ensure that risks are understood, managed, and minimized, and that technology operations remain secure and compliant.
Education:
Bachelor’s degree in Information Technology, Risk Management, or a related field. Master’s degree or relevant certifications in IT risk management (e.g., CISM, CRISC, CISSP) is preferred.
Experience:
5+ years of experience in IT risk management, cybersecurity, or IT governance. Experience in developing and implementing IT risk management frameworks and policies. Proven experience with risk assessment tools and methodologies for IT environments.
Certification:
Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or similar certifications required.
Job Description:
The IT Risk Manager is responsible for protecting the organization’s information assets by identifying and addressing IT risks, ensuring compliance with regulatory requirements, and developing robust risk management processes. This role ensures that the IT infrastructure is secure, resilient, and aligns with the organization's risk appetite.
Detailed Responsibilities:
Develop and implement IT risk management policies and frameworks. Identify and assess risks associated with IT systems, applications, and networks, including cybersecurity threats, data breaches, and system failures. Perform regular risk assessments to identify vulnerabilities in the IT environment and recommend mitigation strategies. Collaborate with cybersecurity teams to monitor emerging threats and ensure the implementation of effective security controls. Ensure compliance with IT-related regulatory requirements, including data protection regulations (GDPR, CCPA, etc.) and industry standards (ISO 27001, NIST). Develop and manage IT risk registers and track the status of risk mitigation actions. Support IT audits and work closely with auditors to ensure compliance with IT risk policies. Develop and conduct risk awareness training for IT staff and other stakeholders. Report on IT risk findings and recommendations to senior management and stakeholders. Monitor IT incidents and coordinate incident response efforts to minimize damage and ensure timely recovery. Ensure that business continuity and disaster recovery plans are in place and tested regularly. Stay informed on emerging IT risks, regulatory changes, and best practices in risk management.
Skills & Expertise:
Strong understanding of IT risk management frameworks and methodologies (e.g., COBIT, NIST, ISO 27001). In-depth knowledge of cybersecurity threats, vulnerabilities, and mitigation strategies. Experience in regulatory compliance related to IT and data protection. Excellent analytical and problem-solving skills to assess IT risks and recommend solutions. Proficiency in IT risk assessment tools and methodologies. Strong communication skills to convey IT risk concepts to non-technical stakeholders. Project management skills to handle multiple IT risk initiatives. Ability to collaborate effectively with cross-functional teams in IT, security, and business operations. Knowledge of IT governance, business continuity, and disaster recovery principles.
By clicking the Accept button, you agree to us doing so.
