Head of Internal Control & Resilience Group Operations

The role of Internal Controls & Resilience, Group Operations is responsible for leading and strengthening internal control, governance, risk, and assurance framework across Group Operations. The role acts as a 1.5 Line of Defense, serving as a strategic conduit between first-line operations and second/third-line functions (Risk, Compliance, Finance, Audit), ensuring robust control design, effective execution, and continuous improvement in the operational risk landscape.The role is accountable for driving enterprise-grade governance, control assurance, and risk management practices, including proactive identification of control gaps, systemic risk mitigation, and embedding a strong risk-aware culture across operations.In addition to core GRC responsibilities, the role has evolved to include:Enterprise Governance Leadership: Structuring and operationalizing the Operations Group Risk Management Forum (OGRM), enabling data-driven risk discussions, thematic insights, and escalation into enterprise forums such as Operational Risk & Resiliency Committee (ORRC).Control Transformation & Integration: Active role in cross-functional initiatives such as Identity & Access Management (IAM) and Role-Based Access Control (RBAC), representing Group Operations, ensuring alignment with enterprise security and regulatory expectations.Operational Risk Event (ORE) Governance: Strengthening end-to-end governance of operational risk events in collaboration with Technology GRC and Risk teams, ensuring high-quality root cause analysis, ownership clarity, and closure discipline.Enterprise Reconciliation Assurance: Providing oversight of reconciliation control effectiveness under the Enterprise Reconciliation Framework (ERF), including direct leadership of the Quality Assurance & Proofing Unit, ensuring independent validation, exception monitoring, and closure governance across all reconciliation types (Nostro / Inter Branch, GL, VAT, internal accounts, etc.).Resilience & Risk Alignment: Representing Operations in enterprise resilience and risk forums, aligning operational risk insights with BCP/BIA, incident management, and systemic resilience priorities.The role requires strong cross-functional leadership, balancing partnership with business units while maintaining independent assurance rigor, ensuring that operational controls are not only compliant but also effective, scalable, and aligned with the bank’s strategic and regulatory objectives. DimensionsGovernance & Risk OversightEnterprise-wide coverage across Group Operations (UAE + IBG locations)Ownership of OGRM governance structure, outputs, and escalation mechanismsActive participation in enterprise risk and resilience forumsControl & Assurance CoverageOversight of GRC reviews, thematic control assessments, and audit action trackingIndependent assurance via QA & Proofing Unit under ERFCoverage across financial and non-financial processesControl Transformation InitiativesLeadership of IAM / RBAC alignment across operationsIntegration of technology, automation, and analytics into control frameworksContinuous improvement of governance and control methodologiesData & ReportingData-driven risk identification and decision-makingDevelopment of dashboards, KPIs, and early warning indicatorsAutomation of GRC reporting and governance outputsReconciliation AssuranceEnterprise-wide proofing coverage (Nostro, Vostro, GL, VAT, internal accounts...)Monitoring of reconciliation SLAs (T+0, T+3, aging thresholds)Exception management governance, thematic analysis, and escalation disciplineOperational Risk GovernanceStandardization of Operational Risk Event (ORE) lifecycleStrengthening root cause analysis and systemic issue identificationIntegration with Technology GRC, Finance and Risk teamsKey Result Areas1. Comprehensive GRC ReviewsPlan, execute, and report GRC reviews across operations unitsEnsure alignment with enterprise risk frameworks and regulatory expectations2. Risk Identification & ReportingIdentify, assess, and communicate risks, control gaps, and thematic issuesDrive remediation in collaboration with business and support functions3. Audit & Regulatory ManagementTranslate audit findings into structured action plansEnsure timely and sustainable closure of audit observations4. Governance Forum Management Lead structuring and execution of OGRMEnable high-quality risk insights and decision-makingSupport escalation into ORRC / ExCo where required5. Operational Risk Event (ORE) GovernanceStrengthen end-to-end ORE lifecycle managementEnsure ownership clarity, RCA quality, and closure effectiveness6. Enterprise Reconciliation Assurance (ERF)Oversee reconciliation control framework across all account typesEnsure adherence to reconciliation policies, timelines, and control standardsDrive reduction in aged and unreconciled items7. Quality Assurance & Proofing OversightLead and govern the QA & Proofing UnitEnsure independent validation of reconciliation activitiesDrive thematic reviews, exception tracking, and closure governance8. Identity & Access Management GovernanceLead operations alignment for IAM and RBAC initiativesEnsure compliance with least privilege and access control standards9. Thematic Risk & Control ManagementIdentify systemic control weaknesses and emerging risksDrive cross-functional remediation and continuous improvement10. Data-Driven GRC & AutomationLeverage analytics to enhance risk insights and control effectivenessDrive automation of reporting and governance processes Operating Environment, Framework and Boundaries, Working RelationshipsOperating EnvironmentMulti-country, multi-functional operations environment (UAE, India, Egypt, Pakistan, IBG)High-volume transaction environment across payments, trade, cards, treasury, retail, and corporate bankingStrong regulatory and audit scrutinyFrameworkOperates within enterprise GRC, ERF, and operational resilience frameworksMaintains independence as a 1.5 Line of