Division: Organization & Strategy
Department: Governance, Risk & Compliance (GRC)
Section: Risk Management
Reports To: GRC Director
Direct Reports: None
Location: Office-Based
Work Conditions: Full-Time, Regular, Office/Indoor
Job Summary
The Risk Management Specialist plays a key role in identifying, evaluating, and mitigating potential risks that could affect the organization's strategic objectives and daily operations. This role involves developing risk management frameworks and policies, maintaining comprehensive risk registers, performing risk assessments, and supporting the implementation of mitigation plans. The Specialist also collaborates with internal teams, delivers risk awareness training, and prepares risk reports for senior management.
Key Responsibilities
- Conduct risk assessments to identify, analyze, and evaluate threats to the organization’s assets, operations, and reputation.
- Design and implement risk management policies, procedures, and frameworks aligned with international standards and organizational goals.
- Monitor organizational risk exposure and oversee the execution of risk mitigation strategies.
- Maintain and update the organization-wide risk register, ensuring accuracy and relevance.
- Prepare periodic risk reports, summaries, and dashboards for senior leadership and board-level reviews.
- Collaborate with other departments to ensure risk controls are embedded into core business processes.
- Deliver training and awareness sessions on risk identification and mitigation best practices to build a risk-aware culture.
- Support internal and external audit activities, including documentation review and corrective action tracking.
- Perform any additional tasks assigned by the GRC Director.
Education
Minimum Requirements:
- Bachelor’s degree in Business Administration, Information Technology, Law, Industrial Engineering, Economics, or any related field.
Experience
- Minimum of 3–5 years of experience in a risk-related role.
Certifications
Mandatory:
- GRC certification (e.g., GRCP, GRCA).
Preferred:
- Certified Operational Risk Manager (ORM), CRCMP, RMP, ISO 31000, or ISO 22301.
Languages
- Fluency in Arabic and English (spoken and written).
Start Date
- Between June 1, 2025 and June 15, 2025.
Behavioural Competencies
- Attention to detail
- Accountability and ownership
- Learning agility and initiative
- Effective verbal and written communication
- Strong interpersonal and team collaboration
- Time management and organizational skills
- Integrity and discretion with confidential information
- Creativity and problem-solving under pressure
Technical Competencies
- In-depth understanding of GRC frameworks (e.g., COSO, COBIT, ISO standards)
- Knowledge of regulatory and compliance environments
- Proficiency in data analysis and reporting tools (e.g., Excel, Power BI)
- Familiarity with project management platforms and methodologies
- Understanding of data protection and compliance frameworks (e.g., GDPR, HIPAA, local equivalents)
- Ability to develop policies, procedures, and internal controls for risk mitigation
- Experience supporting audits and inspections through proper documentation and evidence tracking
- Familiarity with incident/case management systems for breach reporting and escalation
- Knowledge of third-party/vendor risk assessment and mitigation practices
- Skilled in identifying control gaps and designing strategic mitigation plans