CodeNinja logo

Technology Risk Analyst - IT Governance & Control (Banking Sector)

CodeNinja

Posted 3 days ago

About this role

About the Company:

Aligned with Saudi Arabia’s Vision 2030, we harness the Kingdom’s rapidly developing talent and technological advancements to support economic diversification and drive industry transformation through cutting-edge AI, computer vision, and automation. Our solutions are strategically designed to empower startups and enterprises with a competitive edge by leveraging local talent and infrastructure, advancing the region’s human capital development. Through ethical innovation and transparency-focused partnerships, we actively contribute to the Kingdom’s ambitious objectives, championing a high-tech, sustainable future. 

Job Summary

We are seeking a highly skilled Technology Risk Analyst to support IT Governance Framework (ITGF) initiatives within the banking sector. The ideal candidate will bring strong experience in IT controls implementation, effectiveness testing, and technology risk assessments, along with hands-on technical expertise across APIs, middleware, operating systems, databases, and infrastructure. This role will work closely with audit, compliance, and technology teams to ensure a robust and regulatory-aligned control environment.

Key Responsibilities

IT Governance & Controls Testing

  • Implement and maintain IT governance and control frameworks aligned with banking regulations and industry standards.
  • Conduct design and operational effectiveness testing of IT General Controls (ITGC) and application controls.
  • Identify control gaps, document findings, and recommend remediation actions.
  • Support internal and external audits related to IT governance and controls.
  • Maintain detailed control testing documentation, evidence, and reporting.

Technology Risk & Compliance

  • Perform technology risk assessments across infrastructure, applications, and data environments.
  • Evaluate risks associated with:
    • APIs
    • Middleware platforms
    • Operating systems
    • Databases
    • Core infrastructure components
  • Develop and maintain risk registers, control matrices, and remediation tracking plans.
  • Monitor key risk indicators (KRIs) and escalate issues to governance stakeholders.

Technical Controls & Security Validation

  • Conduct hands-on testing of technical controls, including:
    • API authentication, authorization, encryption
    • Middleware logging and integrity controls
    • OS hardening, patching, privileged access controls
    • Database access rights, backup/recovery, audit logging
    • Infrastructure security monitoring and change controls
  • Validate segregation of duties (SoD) and privileged access management.
  • Support business continuity and disaster recovery control testing.

Reporting & Stakeholder Engagement

  • Prepare detailed control testing reports with findings and recommendations.
  • Present governance and risk posture updates to management committees.
  • Collaborate with IT, business, compliance, and audit teams to drive remediation closure.

Requirements

  • 5–8 years of overall experience in Technology Risk / IT Controls / IT Audit.
  • Minimum 2–3 years of hands-on experience in IT Governance and Controls Testing within banking or financial services.
  • Strong understanding of IT General Controls (ITGC) frameworks and testing methodologies.
  • Technical expertise across:
    • APIs (REST/SOAP)
    • Middleware platforms
    • Operating systems (Linux/Windows/Unix)
    • Databases (Oracle, SQL Server, PostgreSQL, etc.)
    • Infrastructure and network security controls
  • Familiarity with governance frameworks such as COBIT, NIST, ISO 27001.
  • Strong documentation, analytical, and stakeholder communication skills.
  • Experience working with audit teams and regulatory compliance environments.

Nice-to-Have Requirements

  • Certifications such as CISA, CRISC, CISM, CIA.
  • Experience with GRC tools (ServiceNow GRC, Archer, MetricStream).
  • Exposure to SOX, PCI-DSS, ISO compliance programs.
  • Knowledge of DevSecOps and CI/CD control environments.
  • Cloud security governance experience (AWS, Azure, GCP).
  • Scripting skills (Python, PowerShell, Shell) for control automation.

Why Join Us

At CodeNinja, you will work with leading banking institutions on high-impact governance and risk initiatives. This role provides strong exposure to enterprise IT control frameworks, regulatory environments, and large-scale technology transformation programs within Saudi Arabia.

Disclaimer

CodeNinja is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Shortlisting will be based on role requirements, banking domain alignment, and technical governance expertise.

Job details

Workplace

Office

Location

Riyadh, Riyadh Province, Saudi Arabia

Job type

Full Time

Similar

Company

Website

Visit site

Twitter

@CodeNinjaInc

Jobr Assistant extension

Get the extension →