Risk Manager

Lead the development and continuous enhancement of a robust Enterprise Risk Management (ERM) framework across United Developers and its portfolio—Place Vendôme Mall, Trocadero Theme Park, Tarfat Public Infrastructure, and Le Royal Meridien Hotel and Residences. Ensure operational continuity, asset protection, and stakeholder confidence through strategic oversight of financial, operational, compliance, and reputational risks, in coordination with internal audit, the Audit Committee, and other stakeholders. KEY RESPONSIBILITIES & ACCOUNTABILITIES : 1.Risk Management Framework Implementation : Develop and implement an integrated Enterprise Risk Management (ERM) framework aligned with ISO 31000 and COSO principles. Define risk taxonomy, appetite thresholds, scoring methodologies, and mitigation protocols tailored to United Developers’ operations. Establish structured processes for risk identification, analysis, evaluation, treatment, monitoring, and reporting across all assets. Ensure policies remain current with changes in regulatory landscapes and organizational needs. 2.Policy and Procedure Development : Draft, implement, and regularly update a comprehensive suite of risk-related governance documents, including : Enterprise Risk Management (ERM) policies and manuals Risk identification and reporting protocols Business continuity plans (BCP) Crisis response frameworks Incident escalation procedures Compliance assurance guidelines Develop standard operating procedures (SOPs) and control measures to address key risk areas across all SOPs, Policies and business units. Ensure complete alignment of all policies with local regulations (e.g., Qatari law, municipal requirements, QCDD), international best practices (e.g., ISO 31000, COSO ERM), and organizational objectives. Establish a uniform policy structure and documentation format to promote consistency, clarity, and ease of implementation across departments. Collaborate closely with Legal, External Audit, Internal Audit, Quality Control, and relevant stakeholder teams to integrate risk considerations into operational and regulatory compliance frameworks. Create a centralized repository of all approved policies, with version control and periodic review cycles. Ensure that each policy has clearly defined ownership, implementation responsibilities, and review timelines. Drive the organization's objective of having comprehensive, auditable, and actionable policies and processes in place for all material business risks. 3.Risk Oversight Across Business Units : Place Vendôme Mall Place Vendome Mall is a 200,000 sqm GLA shopping centre located in Tarfat, Lusail with up to 550 shops. Oversee strategic, operational, financial, compliance, and reputational risks related to : Leasing and revenue performance Tenant compliance and legal exposures Facilities Management Mall Management Specialty Leasing Procurement Outsourced services and contractor performance Security, health, and safety standards IT infrastructure, data privacy, and cyber risks Customer experience and brand perception Trocadero Theme Park Trocadero Theme Park is an indoor family entertainment centre located within Place Vendome Mall owned by United Developers. Monitor and mitigate a comprehensive set of risks including : Guest and ride safety, liability, and incident response Regulatory compliance (municipal and national) Vendor management and equipment maintenance Financial sustainability and revenue variability Cybersecurity, ticketing systems, and customer data protection Reputational risks from service disruption or negative publicity United Hotel Management (Le Royal Meridien & Residences) Le Royal Meridien Hotel and Residences, 377 keys, is managed by Marriot International pursuant to a long term Hotel Management Agreement. The Risk Manager should maintain oversight at a high level with oversight of Marriot and it’s operations : Hospitality operations, guest safety, and service quality Food & beverage hygiene, regulatory health standards Franchise or brand compliance (Marriott / Starwood) Legal claims, insurance adequacy, and contract liabilities IT and cybersecurity risks affecting guest data and booking systems Third-party operator performance and alignment with brand standards Tarfat Public Infrastructure Tarfat Public Infrastructure includes the public infrastructure within the 4 square km Tarfat district of Lusail. Supervise long-term and systemic risks including : Maintenance obligations and capital replacement risks Regulatory compliance (e.g., QCDD, Al Daayen Municipality Lusail Community Management guidelines) Public liability and infrastructure-related hazards Budgetary risks Community perception and stakeholder expectations 4.Risk Monitoring & Reporting : Maintain a centralized and regularly updated Risk Register with clearly defined risk owners and mitigation timelines. Develop risk dashboards and present risks, trends, and corrective action updates to senior leadership and the Board (or Risk Committee). Track Key Risk Indicators (KRIs) and ensure timely resolution of flagged items. Ensure the Risk Register is auditable and supports root cause analysis and continuous improvement. 5.Internal Audit and External Stakeholder Coordination : Act as the primary risk counterpart for Internal Auditors and other third-party consultants. Coordinate audit fieldwork and follow-up on audit recommendations to ensure implementation. Prepare and facilitate periodic reviews with auditors, regulatory bodies, and Board Committees, ensuring transparent and professional communication. Support the preparation of risk disclosures for annual reports or regulatory filings, as applicable. Financial Risk Management : Work with the Finance team to assess and mitigate financial risks such as credit risk, liquidity risk, investment risk, budget variance, and financial reporting inaccuracies. Evaluate vendor solvency and financial exposures related to outsourced contracts and capital projects. Contribute to insurance planning, cost-benefit analysis, and risk transfer strategies (e.g., coverage limits, deductibles, business interruption). 7.Business Continuity and Crisis Management : Lead the development, testing, and periodic update of Business Continuity Plans (BCP) and Crisis Management Protocols across all business units. Conduct tabletop simulations and emergency drills in coordination with Operations and HSE teams. 8.Training and Risk Culture : Drive risk awareness programs and workshops across departments. Stay updated on the industry trends, regulatory changes, risk modeling techniques Train managers and supervisors in risk identification and escalation procedures. Embed a proactive and accountable risk culture throughout the organization. Skills QUALIFICATIONS & EXPERIENCE : Bachelor's degree in Risk Management, Engineering, Business, or Finance. Professional certifications preferred : IRM, FRM, CIA, CRMA, ISO 31000 Lead Implementer, or equivalent. Master’s degree in a related field is an advantage. Minimum of 7–10 years of experience in enterprise risk management, preferably in the real estate, hospitality, or retail sectors within the GCC. Prior experience engaging with Big Four auditors (PwC, EY, etc.) is a strong advantage. Familiarity with local (Qatari) regulatory environment is preferred. KEY SKILLS : Expertise in risk frameworks (ISO 31000, COSO ERM) Strong policy drafting and governance documentation Stakeholder engagement and audit coordination Analytical and strategic problem-solving Risk systems (ERM tools, dashboards, KRIs, visualization) Proficiency in MS (Excel, PPT, Word etc.) Proficiency in Power BI and data visualization will be an asset.

#J-18808-Ljbffr