Risk Assessor

Riyadh

 Acuative Middle East
Apply for this Job

Direct message the job poster from Acuative Middle East

Job Purpose

Assess and manage cybersecurity and operational risks associated with third-party vendors and partners, ensuring alignment with regulatory requirements and the bank's risk appetite.

Accountabilities

  • Perform detailed third-party risk assessments for vendors supporting digital ventures and payment systems.
  • Evaluate vendor security controls, policies, and procedures to identify gaps against internal standards and regulatory expectations.
  • Collaborate with procurement and legal to embed security clauses in contracts.
  • Maintain third-party risk registers and track remediation efforts.
  • Conduct periodic reassessments to monitor risk posture changes of key vendors.
  • Report third-party risk exposures to leadership and support audits with evidence.
  • Support onboarding due diligence processes with security advisory input.
  • Facilitate risk workshops or reviews with vendors and internal stakeholders.

Role Requirements

  • Qualifications: Bachelor's degree in Cybersecurity, IT Audit, or related field.
  • Experience: Minimum 4 years in third-party/vendor risk or cybersecurity assurance roles.
  • Training: Certified Third-Party Risk Professional (CTPRP) or equivalent preferred.
  • Specialized Knowledge/Skills: Strong grasp of supplier lifecycle, cloud security, and vendor risk evaluation frameworks.
  • Qualifications: CISA, ISO 27001 Lead Auditor.
  • Experience: Experience in regulated industries such as banking or healthcare.
  • Specialized Skills: Knowledge of financial regulatory frameworks like SAMA, PCI-DSS.
  • Analytical thinking
  • Influence and negotiation
  • Integrity and accountability
  • Vendor risk management platforms (e.g., OneTrust, RSA Archer)
  • Cloud security frameworks (e.g., CSA CCM)
  • Understanding of SLA/contractual risk controls
  • Basic regulatory compliance knowledge (SAMA, NCA)
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development and IT Services and IT Consulting

Referrals increase your chances of interviewing at Acuative Middle East by 2x

Sign in to set job alerts for "Risk Assessor" roles.

Continue with Google Continue with Google

Continue with Google Continue with Google

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Date Posted: 17 May 2025
Apply for this Job
Show me similar jobs
Send me jobs by email