Technology Risk Specialist

About us 

Tamara is the leading fintech platform in Saudi Arabia and the wider GCC region with a mission to help people make their dreams come true by building the most customer-centric financial super-app on earth. The company serves millions of users in the region and partners with leading global and regional brands such as SHEIN, Jarir, noon, IKEA and Amazon, as well as small and medium businesses.

Tamara is Saudi’s first fintech unicorn and is backed by Sanabil Investments, SNB Capital, Checkout.com, amongst others, operating out of its headquarters in Riyadh, Saudi Arabia with other regional and global support offices

Your role

Tamara is seeking a Technology Risk to join our Cyber Security team. In this role, you will support the governance, risk, and compliance activities that help protect Tamara’s systems, data, and customers while ensuring alignment with regulatory and security requirements.

You will work closely with Cyber Security, IT/Engineering, Enterprise Risk, Compliance, and Business teams to support risk assessments, control implementation, and compliance initiatives. This role requires a strong interest in technology risk, cyber governance, and regulatory frameworks, as well as the ability to understand technical systems and translate them into clear risk and control requirements.

As an early-career professional, you are expected to be detail-oriented, eager to learn, and proactive in supporting risk and compliance activities that contribute to Tamara’s overall cyber security program maturity.

Your responsibilities

• Support the identification, assessment, and documentation of technology risks across Tamara’s systems and processes.
• Assist in maintaining technology risk registers, control inventories, and compliance mappings.
• Support alignment with regulatory and framework requirements such as SAMA CSF, NCA, ISO 27001, PCI-DSS, and PDPL.
• Contribute to monitoring the implementation and effectiveness of technology controls in collaboration with other teams.
• Participate in internal control reviews, risk assessments, and gap analyses for systems, vendors, and processes.
• Support audit and regulatory activities by collecting evidence, track findings, and following up on mitigation/remediation actions.
• Collaborate with relevant teams to understand technical implementations and ensure risks are accurately captured.
• Assist in documenting policies, standards, procedures, and control descriptions related to technology risk.
• Track risk treatment actions, control improvements, and remediation timelines, escalating delays or issues when needed.
• Contribute to reporting on technology risk, compliance status, and control maturity for internal stakeholders.
• Stay informed on regulatory updates, emerging technology risks including but not limited to cyber risks, and industry best practices relevant to fintech and overall technology risk.

Your expertise

• 0–2 years of experience in Technology Risk, Cyber Security, GRC, IT Risk, Audit, or a related field.
• Foundational understanding of cyber security and technology concepts (e.g., access management, cloud services, logging, encryption).
• Awareness of cyber security and technology risk frameworks such as SAMA CSF, NCA, ISO 27001, NIST, or similar.
• Basic familiarity with cloud environments (e.g., GCP, OCI, AWS) and modern technology stacks is a plus.
• Strong analytical skills, attention to detail, and ability to document information clearly and accurately.
• Excellent communication skills and ability to collaborate with both technical and non-technical stakeholders.
• Willingness to learn and grow in the areas of technology risk, governance, and regulatory compliance.

All qualified individuals are encouraged to apply.

To learn more about how we protect your privacy, please visit our Candidate privacy notice.