Chief Risk Officer (CRO)

About This Role

Chief Risk Officer (CRO) — Job Description

About the role:

The Chief Risk Officer (CRO) leads enterprise risk management, setting risk appetite, developing risk frameworks, and ensuring the organization identifies, measures, monitors, and mitigates material risks across strategy, operations, finance, compliance, technology, and reputation.

Key responsibilities:

• Risk strategy & governance: Define enterprise risk management (ERM) strategy, risk appetite/tolerance, and governance structures; chair or partner with risk committee(s).
• Risk identification & assessment: Maintain a comprehensive risk taxonomy; run regular enterprise-wide risk assessments and scenario analyses (including strategic, credit, market, operational, liquidity, cyber, legal, regulatory, and reputational risks).
• Risk frameworks & policies: Develop and maintain risk management frameworks, policies, limits, controls, and escalation protocols; ensure alignment with corporate strategy and regulatory expectations.
• Risk measurement & analytics: Oversee development of quantitative and qualitative risk metrics, stress-testing, loss modeling, KRIs, and dashboards to track exposures and trends.
• Capital & liquidity risk (if applicable): Coordinate capital adequacy, liquidity planning, and contingency funding frameworks with finance and treasury.
• Credit & market risk (if applicable): Oversee credit underwriting standards, exposure limits, portfolio concentrations, hedging strategies, and market risk controls.
• Operational & technology risk: Drive programs to mitigate operational risk, third-party/vendor risk, business continuity, incident management, change control, and cyber resilience in coordination with IT/security.
• Regulatory engagement & compliance alignment: Liaise with regulators and ensure ERM meets regulatory expectations; coordinate with compliance, legal, and internal audit.
• Risk reporting & escalation: Produce timely, accurate risk reporting for the board, executive team, audit/risk committees, and regulators; escalate material risks and incidents with recommended remediation.
• Model risk management: Oversee model governance, validation, and lifecycle management where models inform risk or capital decisions.
• Risk appetite implementation: Translate board-level appetite into limits, delegation, policies, and decision-making criteria embedded in business processes.
• Remediation & control improvement: Track remediation of risk findings, drive root-cause analysis, and oversee control strengthening programs.
• Third-party & concentration risk: Establish vendor risk management, due diligence, contracting standards, and concentration monitoring.
• Culture & training: Promote risk-aware decision-making and deliver risk training, workshops, and communications across the enterprise.
• Team leadership: Build and lead the risk organization (risk analysts, model validators, operational risk managers) and set talent, tools, and operating model.

Qualifications:

• Experience: 10+ years in risk management, finance, audit, or related fields; 5+ years in senior risk leadership roles preferred. Experience in the company’s industry (banking, insurance, fintech, manufacturing, energy, etc.) is highly desirable.
• Education & credentials: Bachelor’s degree required; advanced degree (MBA, MS/MA) or professional qualifications preferred (FRM, CFA, PRM, CRO certification).
• Skills: Enterprise risk frameworks, quantitative risk modeling, stress-testing, risk appetite design, regulatory interaction, crisis management, and strong stakeholder communication.
• Technical: Familiarity with risk systems, analytics platforms, data governance, scenario analysis tools, and relevant regulatory frameworks (Basel, IFRS9, Solvency II, or industry equivalents where applicable).
• Leadership traits: Analytical, decisive, influencing skills, independent judgment, integrity, and ability to drive change across functions.

Job Types: Full-time, Permanent

Pay: QAR315.17 - QAR1,299.19 per hour

Work Location: In person