AVP - Emerging Technology Risk

At RAKBANK, we believe in fostering a culture of innovation, growth, and excellence. We are not just a bank we are a community that thrives on teamwork, cutting-edge solutions, and the highest standards of governance.

The AVP-Emerging Technology Risk will be responsible for overseeing and assessing technology-related risks within RAKBANK, focusing on digital assets, cloud technologies, data management, robotic process automation (RPA), and artificial intelligence (AI). The primary focus will be on the operational aspects of IT risks, excluding cybersecurity-related concerns. This role is part of the 2nd Line of Defence (2LoD) within the Operational Risk Unit of the Risk Management Department. The role involves risk oversight, ensuring adherence to regulatory requirements, and supporting the bank in identifying, assessing, and mitigating risks associated with emerging technology.

• Implement the Group Technology Risk Management Framework. Assist in recommending group-wide risk appetite for emerging technology risk indicators to ensure alignment with the Group's strategy and objectives.

• Conduct independent risk assessments of technology initiatives, ensuring effective risk identification, evaluation, and mitigation. The primary focus will be on the operational aspects of IT risks, excluding cybersecurity-related concerns.
• Oversee risks related to blockchain and digital asset activities such as cryptocurrencies and tokenized products, focusing on operational risk aspects.
• Evaluate cloud migration strategies and ongoing cloud operations to ensure compliance with risk management frameworks and regulatory requirements.
• Assess operational risks related to data management, including data governance, data quality, and data lifecycle management.
• Evaluate risks associated with Robotic Process Automation (RPA), related to automated workflows, operational controls, governance, and resilience.
• Experience in risk assessment of AI-driven systems, focusing on operational reliability, regulatory compliance, and ethical considerations.
• Review IT operational processes, incident management, and change management practices to ensure risk exposure is effectively managed.
• Assess technology risks associated with third-party service providers, including cloud vendors and digital asset service providers.
• Recommend appropriate risk mitigation measures to close gaps identified during risk assessments, audits, and regulatory reviews. Monitor progress in closing identified gaps.
• Support reviews of technology incidents and near misses by providing specialist review of root causes and propose action plans to prevent reoccurrence.
• Review the adequacy of IT disaster recovery plans (DRP) and recommend enhancements as necessary.
• Ensure adherence to regulatory requirements related to technology risk, including CBUAE regulations.
• Support the development and enhancement of technology risk policies, frameworks, and procedures in alignment with regulatory expectations.
• Provide input on risk governance mechanisms, ensuring alignment with operational risk policies and enterprise risk management strategies.
• Act as a risk advisor to internal stakeholders, providing independent oversight and challenge to technology risk decisions to ensure technology risk management practices are effective.
• Provide regular reporting and updates to senior management, risk committees, and regulators on technology risk matters.

• Bachelor's or master's degree in information technology, Computer Science, Risk Management, or a related field.
• 5+ years of experience in technology risk management, operational risk, IT governance, or IT audit within the banking or financial sector.
• Hands-on experience with digital assets (e.g., cryptocurrencies, tokenized products, blockchain implementations) from an operational risk perspective.
• Strong understanding of cloud computing models (IaaS, PaaS, SaaS) and associated operational risks.
• Experience in data management practices, including data governance, data lifecycle, and data protection regulations.
• Ability to evaluate Robotic Process Automation (RPA) implementation risks, including process automation governance and resilience factors.
• Experience in risk assessment of AI-driven systems, focusing on operational reliability, regulatory compliance, and ethical considerations.
• Prior experience in a risk management role is highly preferred.
• Familiarity with regulatory requirements from the Central Bank of the UAE (CBUAE) and other relevant international regulatory bodies.
• Strong analytical and problem-solving skills, with the ability to assess complex technology risks.
• Knowledge of technology frameworks such as COBIT, ITIL, NIST, and ISO 27001.
• Ability to assess emerging risks in fintech, cloud computing, and digital asset ecosystems.
• Understanding of third-party risk management frameworks and due diligence processes.