Senior Manager - Group Risk & Internal Control

Job Description

Who we are looking for

If youre passionate about safeguarding success while enabling growth, this is the role for you.

Job Purpose

The role focuses on identifying, assessing, and managing enterprise risks and controls, driving governance maturity, and embedding a risk-aware culture across the assigned entities or clusters.

Responsibilities

• Act as the primary risk and internal control representative for the assigned cluster and serve as the liaison between the cluster and the Group Risk & Internal Control function.
• Implement the ERM lifecycle at cluster level: context definition, risk identification, risk evaluation, response, monitoring, and reporting.
• Maintain and update cluster-level Risk Registers, Control Libraries, and Risk Appetite/Tolerance limits in accordance with group standards.
• Lead the periodic risk assessment workshops and control testing (ToD and ToE) activities.
• Review residual risk exposure and evaluate adequacy of controls in line with the Group Risk Rating Matrix and Gap Tracker protocols.
• Monitor implementation of mitigation and remediation plans and ensure timely closure of high-priority gaps.
• Ensure alignment with ADQ ICFR and ADAA internal control mandates, especially in financial, operational, and compliance domains.

• Design and maintain the cluster-level Internal Control Map aligned with entity-, process-, and IT-level controls.
• Supervise control self-assessments and collaborate with first-line stakeholders to validate control effectiveness.
• Coordinate annual and ad-hoc ICFR and COSO-based evaluations, providing necessary support to both internal and external assurance bodies.
• Ensure integration of control assertions, materiality thresholds, and reporting obligations across cluster entities.

• Provide quarterly reports and dashboards to the Group Risk & Internal Control team, ARC, and ExCom representatives.
• Facilitate cluster-specific Risk Committee meetings, providing input into Group-level Risk Heatmaps and enterprise-wide scenarios.
• Track and report Key Risk Indicators (KRIs), emerging risks, appetite breaches, and gaps in internal controls.

• Mentor and guide assigned Risk Officers, Analysts, or Specialists in the cluster.
• Build collaborative partnerships with functional heads (e.g., Finance, HSSE, Compliance, Operations) to support integrated risk and control practices.
• Conduct training sessions, awareness workshops, and governance townhalls to reinforce risk culture.

• Bachelors or masters in risk management, Business Administration, Finance, or related field.
• Demonstrated experience with ERM and ICFR implementation at cluster or business unit level.
• Familiarity with regulatory frameworks (ADAA, SCA), ADQ standards, and COSO ERM & Internal Control frameworks.
• Project/program management skills - demonstrable track record successfully managing projects at technical and tactical levels, coordinating multi-disciplinary projects.
• Excellent analytical skills and understanding of processes, risks, and controls
• Excellent in English (Speak, read, and write).
• Preferably, Excellent in Arabic (Speak, read, and write).
• 1215 years of experience in risk, internal controls, compliance, or audit functions, with at least 35 years in a leadership role overseeing risk/control implementation in a large organization.
• Hands-On competencies, where he/she is able to drive and implement risk & internal control strategic programs.
• Experience in using risk management technology tools.