Manager – Risk Governance

OVERVIEW                                                                                                                                     

NEOM is an accelerator of human progress and a vision of what a new future might look like. A region in northwest Saudi Arabia on the Red Sea, NEOM is being built from the ground up to include hyperconnected, cognitive cities, ports, next-generation infrastructure and industries, enterprise zones, research centers, sports and entertainment venues and tourist destinations.

As a destination, it will be a home for people who dream big and want to be part of building a new model for exceptional livability, creating thriving businesses and reinventing environmental conservation.

As a workplace, it is a place for people who share our core values of care, curiosity, diversity, passion, respect, and becoming a catalyst for change.

Are you ready to help NEOM find solutions to the world’s most pressing challenges? Are you prepared to create a lasting legacy that benefits generations to come? Then we want to hear from you!

ROLE OVERVIEW

As part of the ERM Function’s Risk Governance Team, the Manager Risk Governance shall be responsible to develop, enhance, and implement the ERM Operating Model & Governance Structure. This includes development and maintenance of Risk and Internal Control governance documents and procedures, and enablement of mature risk management processes and culture. Further, the role will also support with oversight on establishment of subsidiary/ sub-entity level risk management functions.

The ideal candidate will possess both technical expertise and experience, along with strong communication and leadership skills to effectively influence and collaborate across multiple stakeholder groups. This role reports to the Senior Manager – Risk Governance.

KEY ACCOUNTABILITIES & ACTIVITIES

Key Responsibilities

Implementation of the ERM Operating Model    

• Support the assessment and improvement of the overall internal ERM function. This includes development of a fit-for-purpose ERM organizational structure, maintaining cross ERM vertical interfaces, and enabling collaboration efforts with other NEOM-wide sectors, regions and functions.
• Maintain ERM Function’s library of job descriptions, assess resource and budgeting requirements, and manage the ERM Function’s hiring and on-boarding process.
• Support the Senior Manager Risk Governance in developing and monitoring ERM Functions performance metrics/ targets.
• Support the development of Yearly ERM activity plans with the objective of enhancing overall maturity of NEOM-wide risk management methodologies, approaches, and processes. • Support the establishment of subsidiary/ sub-entity level risk management functions. Ensure that these functions are aligned with NEOM-ERM requirements.
• Support the maintenance of strong relationships with all NEOM key stakeholders (including its GRC partners / champions). This includes maintaining a central repository of all contact points including their counterparts (at GRC – ERM Function).
• Manage performance of Risk Reporting and GRC System’s employees (direct reports). This includes choosing metrics and setting targets (to be conducted jointly with Senior Management and HR function), identifying relevant training programs, creating targeted employee level development plans, enhancing team capabilities, and/or coaching team members.

Risk Governance

• Develop, implement and maintain Risk and Internal Control Policies, Framework and Processes/ Procedures (‘ERM Governance Documents’). Ensure that the ERM Governance Documents comprehensively cover all NEOM activities and material risk and control types. Ensure that these documents are aligned with NEOM Business context and applicable best practices.
• Support the development, implementation, and maintenance of an integrated GRC Framework.
• Where applicable, review of non-risk policies to ensure that these have the required risk management clauses embedded.
• Assist in defining and/or updating relevant Risk Appetites and limits / thresholds.
• Develop/ enhance, implement and maintain the risk and control taxonomy.
• Develop and maintain Board-level and Executive-level GRC/ Risk Committees terms of refences (‘ToRs’).

GRC Integrated Reporting     

• Support the development and enhancements of the periodic GRC reporting. This includes defining relevant reporting structure, reporting processes, templates, dashboards, etc.
• Support with the regular on-time GRC reporting to relevant stakeholders (including senior management, management committees, board committees, and other internal and external stakeholders).

Risk & Incident Monitoring

• Develop and implement a consistent process to periodically aggregate exposures prevalent in risk and control registers (‘Bottom-Level Risks’). Conduct timely consolidation of Bottom-Level risk exposures to arrive at key pervasive themes.
• Develop and implement processes to identify Risk Incidents (i.e., materialized risks). Triage incidents and collaborate with ERM Risk Teams to ensure that risk incidents are investigated, risk assessed, treated and reported.
• Maintain a comprehensive incident log/ database. Periodically assess the incident log/ database to identify key trends and root-causes. Further, support the development (with applicable stakeholders) of targeted treatment plans.
• Support development of risk quantification techniques across ERM risk domains and NEOM Entities.

Collaboration and Culture

• Provide strategic and expert advice to the Senior Manager – Risk Governance, other ERM Team Members, and to broader stakeholder groups on risk governance and risk management processes.
• Develop and implement initiatives to promote a strong risk culture across NEOM. This includes conducting periodic risk culture surveys/ studies, ERM and internal control maturity assessments, holistic risk management training programs etc.
• Promote a strong culture of collaboration across the ERM Function.
• Identify the relevant emerging best practices in Risk Management and ensure their implementation in NEOM if appropriate.
• Work with other Risk Domain teams (i.e., Strategic and Financial Risks, Project Risks, and Risk Governance), providing input on risk management processes, governance, and other matters.

Culture and Values

• Embrace NEOM’s culture and Values https://www.neom.com/en-us/about
• Act with honesty and integrity by following best practices, and upholding the robust standards and expectations set out in NEOM’s Code of Conduct.
• Maintain fair, ethical and professional work practices in accordance with NEOM’s Values and Code of Conduct.

BACKGROUND, SKILLS & QUALIFICATIONS

Knowledge Skills and Experience

• 7+ years experience in ERM/ Risk Management functions.
• Experience in consulting and/ or complex multi-national organizations would be an advantage.
• Experience in the GCC region would be an advantage.
• Knowledge of ERM and Internal Controls frameworks (e.g. COSO, ISO, COBIT) and other best practices.
• Experience in developing, reviewing, enhancing governance documents (policy, frameworks, policies).
• Experience in risk domains (Finance, Strategy, Operational, Compliance, etc.) including experience of conducting risk reviews, control assessments, and enhancements
• Knowledge of GRC and risk technology.
• Change leadership and organizing skills. A strong and organized personality.
• Self-confidence and the ability to communicate with others. Must be skillful at building collaborative relationships across NEOM and its Subsidiaries and across all lines of management.
• Ability to handle confidential and sensitive matters.
• Ability to communicate clearly and effectively in English, both orally and in writing. Knowledge of other languages is desirable.
• Expert skills in report-writing and presentation techniques.

Qualifications          

• Bachelor’s degree in Accounting / Business Administration / Economics / Engineering or similar from an accredited university. A postgraduate degree would be an advantage.
• Additional certifications from internationally recognized bodies would be an advantage (e.g., CA/CPA or equivalent, FRM, CIA, etc.).