Technology Risk Professional

The company is seeking a Technology Risk professional to join our Cyber Security team. In this role, you will support the governance, risk, and compliance activities that help protect the company’s systems, data, and customers while ensuring alignment with regulatory and security requirements. You will work closely with Cyber Security, IT/Engineering, Enterprise Risk, Compliance, and Business teams to support risk assessments, control implementation, and compliance initiatives. This role requires a strong interest in technology risk, cyber governance, and regulatory frameworks, as well as the ability to understand technical systems and translate them into clear risk and control requirements. As an early-career professional, you are expected to be detail-oriented, eager to learn, and proactive in supporting risk and compliance activities that contribute to the company’s overall cyber security program maturity.

Responsibilities

• Support the identification, assessment, and documentation of technology risks across the company’s systems and processes.
• Assist in maintaining technology risk registers, control inventories, and compliance mappings.
• Support alignment with regulatory and framework requirements such as SAMA CSF, NCA, ISO 27001, PCI-DSS, and PDPL.
• Contribute to monitoring the implementation and effectiveness of technology controls in collaboration with other teams.
• Participate in internal control reviews, risk assessments, and gap analyses for systems, vendors, and processes.
• Support audit and regulatory activities by collecting evidence, tracking findings, and following up on mitigation/remediation actions.
• Collaborate with relevant teams to understand technical implementations and ensure risks are accurately captured.
• Assist in documenting policies, standards, procedures, and control descriptions related to technology risk.
• Track risk treatment actions, control improvements, and remediation timelines, escalating delays or issues when needed.
• Contribute to reporting on technology risk, compliance status, and control maturity for internal stakeholders.
• Stay informed on regulatory updates, emerging technology risks including but not limited to cyber risks, and industry best practices relevant to fintech and overall technology risk.

Requirements

• 0–2 years of experience in Technology Risk, Cyber Security, GRC, IT Risk, Audit, or a related field.
• Foundational understanding of cyber security and technology concepts (e.g., access management, cloud services, logging, encryption).
• Awareness of cyber security and technology risk frameworks such as SAMA CSF, NCA, ISO 27001, NIST, or similar.
• Basic familiarity with cloud environments (e.g., GCP, OCI, AWS) and modern technology stacks is a plus.
• Strong analytical skills, attention to detail, and ability to document information clearly and accurately.
• Excellent communication skills and ability to collaborate with both technical and non-technical stakeholders.
• Willingness to learn and grow in the areas of technology risk, governance, and regulatory compliance.