Head of Operation Risk Management

About us: Soar is a global fintech startup that specializes in financing and investment. Currently headquartered in Saudi Arabia, Soar is growing throughout the region with a mission to help people achieve their financial goals with innovative financial and property investment solutions and tools through its multi-purpose platform, designed to offer a simple and seamless user experience.

Role Summary:

The Head of Operational Risk Management is a critical leadership role responsible for developing, implementing, and maintaining a robust operational risk management framework across the organization, in compliance with Saudi Central Bank (SAMA) requirements. The HORM will report to the Chief Risk Officer (CRO) and will oversee the identification, assessment, mitigation, monitoring, and reporting of all operational and technology risks. This role is also responsible for establishing the Fraud Risk Management Framework, with the Fraud Risk Manager reporting directly to this position. The core objective is to minimize potential losses arising from failed internal processes, systems, people, or external events.

Key responsibilities

• :Design, implement, and maintain the foundational pillars of the Operational Risk Management (ORM) framework, including policies, governance structures, and methodologies
• .Lead the implementation and ongoing execution of the RCSA methodology across all departments (e.g., HR, operations, finance, business, technology) to proactively identify, evaluate, and manage inherent risks and control effectiveness
• .Design, maintain, and regularly update comprehensive Operational Risk Registers and loss event databases, ensuring accurate classification and timely reporting of incidents
• .Develop and monitor relevant Key Risk Indicators (KRIs) and thresholds specific to operational risk, providing early warning signals for potential control failures
• .Develop and implement a formal, clear, and organization-wide Incident Reporting Process for operational risk and near-miss events, ensuring all staff can easily report issues in a consistent manner
• .Ensure timely and accurate reporting of all major operational and cyber security incidents to SAMA, adhering strictly to mandated thresholds, content requirements, and reporting timelines
• .Oversee and enforce the mandatory use of Root Cause Analysis for all material incidents to ensure that control weaknesses are identified and permanently remediated
• .Oversee and provide strategic direction to the Fraud Risk Manager, ensuring the development and execution of an effective, end-to-end fraud prevention, detection, and response program, including managing the internal whistleblowing and fraud investigation processes
• .Collaborate closely with the Technology and Cybersecurity teams to manage and mitigate Technology Risk and Cyber Security Risk, including risks related to system failures, data integrity, platform changes, and third-party vendor reliance
• .Conduct mandatory operational risk training for all employees and management to foster a strong risk-aware culture, emphasizing the importance of effective control performance and accountability
• .Prepare detailed, high-quality ORM reports for the CRO, Executive Management, and the Board Risk Committee, highlighting material exposures, control deficiencies, and progress on remediation plans

.
Qualifications & Skill

• s:Bachelor's degree in Business, Finance, Risk Management, or a related quantitative field. A professional certification is strongly preferre
• d.Minimum of 8-10 years of experience in Operational Risk Management within the financial services sector, with at least 4 years in a leadership or managerial capacity. Experience in a Fintech or a digitally-focused environment is highly advantageou
• s.Deep, practical experience in implementing and running core ORM tools, including RCSA, loss data collection, scenario analysis, and KRI monitorin
• g.Solid understanding of SAMA's requirements and expectations regarding operational risk, governance, and business continuity, especially as they apply to technology-driven financial institution
• s.Proven experience in establishing or significantly contributing to a formal Fraud Risk Management progra
• m.Communication: Excellent verbal and written communication skills in both English and Arabic to effectively liaise with technical teams, senior management, and the CR

O.
Desirable skil

• ls:Relevant professional certifications such as Certified Operational Risk Professional (CORP), Certified Fraud Examiner (CFE), or PRM/FRM with a focus on non-financial ris
• ks.Direct experience with mortgage financing or other asset-backed lending processes, understanding the associated operational pitfal
• ls.Prior experience in technology risk, IT audit, or internal audit, providing a deep understanding of internal controls within a highly automated environme
• nt.Advanced skills in process mapping and control optimization to drive efficiency while maintaining control effectivene