About the job Risk Specialist
Position: Risk Specialist
Reporting To: Audit, Risk Compliance Manager
Employment Type: Full Time (hiring for client company)
JOB PURPOSE
The job holder is responsible for identifying and assessing the risks associated with the company's corporate operations and for detecting, managing, and mitigating organizational threats across all functions. The job holder designs, implements, and continuously enhances risk management models; supports the business by providing expert advice on specific subject matters such as malpractice, financial crime, training, and competence; works with the company on emerging issues; and analyzes data, maintains accurate records, and produces detailed reports. They also participate in reviews and audits to ensure compliance with company policies and regulatory requirements. In addition, the job holder monitors the impact of the Board's business plan on the overall risk management framework and provides proactive coaching, guidance, and support to ensure its effective implementation across the organization.
SCOPE OF RESPONSIBILITIES:
1. Risk Identification & Assessment
- Conduct comprehensive risk assessments for new and existing business activities, third-party arrangements, outsourcing roles, and emerging risks.
- Gather and analyze qualitative and quantitative data through document reviews, interviews, and process walkthroughs to identify vulnerabilities.
- Evaluate the likelihood and impact of risks using established frameworks (e.g., ISO 31000, COSO ERM).
- Prioritize risks based on exposure levels and recommend appropriate mitigation actions.
2. Risk Mitigation & Control Development
- Collaborate with business units to develop and implement risk mitigation strategies, controls, and contingency measures.
- Establish and monitor Key Risk Indicators (KRIs) and trigger limits to detect early signs of risk escalation.
- Support management in implementing and testing internal controls to ensure design effectiveness and operational efficiency.
3. Risk Monitoring & Reporting
- Maintain and update the corporate risk register in collaboration with Internal Audit, Compliance and relevant departments.
- Prepare periodic risk reports highlighting key trends, control gaps, and emerging issues for management and the Risk Committee.
- Lead the business continuity project in collaboration with cross-functional divisions to establish and strengthen organizational resilience.
- Coordinate periodic risk reviews and ensure that business continuity and crisis management plans remain current, tested, and effective.
4. Regulatory & Compliance Alignment
- Stay abreast of evolving regulatory requirements and ensure organizational compliance with applicable laws, regulations, and industry standards.
- Support the preparation of regulatory risk reports and filings in accordance with statutory deadlines.
5. Awareness & Culture
- Deliver risk management training, awareness sessions, and communications to promote a proactive risk culture across the organization.
- Provide advisory support on risk aspects of strategic projects, change initiatives, and new business ventures.
COMPETENCIES & SKILLS:
- Good awareness of the laws and regulations relevant to the company's operations (e.g., PDPL, labour, VAT, trade, and governance) to ensure risk and continuity plans align with regulatory expectations.
- Strong understanding of enterprise and operational risk management frameworks such as ISO 31000 and COSO ERM.
- Good knowledge of Business Continuity and Crisis Management principles, including how to develop, test, and maintain continuity plans in line with ISO 22301.
- Clear understanding of the organization's business model, operations, and financial impact, to assess how risks can affect performance or service delivery.
- Awareness of the functions and key risks of different divisions (Retail, Logistics, IT, HR, Beverages, Alosra, etc.) and their operating environments.
- Ability to identify and monitor emerging risks and changes in the external or regulatory environment.
- Basic understanding of legal documentation and compliance processes, to assess risk implications.
QUALIFICATION & EXPERIENCE:
- Minimum 5-6 years of experience in enterprise risk or BCM within a multi-division organization.
- Bachelor's degree in risk management, finance, or related field.
- Professional certification: CRMA / CRMP / CRM