Governance, Risk, and Compliance (GRC) Specialist
corporate governance, risk assessment methodologies, compliance audits, and IT security policies
Key Responsibilities:
1. Governance & Compliance Implementation
- Develop and implement IT governance, risk management, and compliance policies.
- Monitor compliance with national and international regulations (e.g., DGA, NCA, ISO 27001, CGEIT).
- Ensure that governance frameworks align with business objectives and regulatory standards.
2. Risk Assessment & Mitigation
- Conduct risk assessments and gap analyses to identify potential vulnerabilities.
- Develop risk mitigation plans to minimize organizational exposure.
- Implement business continuity and incident response plans to ensure operational resilience.
3. Audit & Reporting
- Prepare and submit periodic governance and compliance reports to senior management.
- Support internal and external audits, ensuring full regulatory adherence.
- Track and analyze compliance performance and suggest improvements.
4. Cross-Department Collaboration
- Work closely with IT, cybersecurity, and business units to ensure alignment of governance policies.
- Provide guidance and training to employees on compliance best practices.
- Collaborate with legal and regulatory bodies to ensure up-to-date adherence to industry standards.
5. Policy Development & Documentation
- Develop compliance documentation, governance policies, and procedural manuals.
- Ensure governance frameworks support digital transformation initiatives in IT and cybersecurity.
- Continuously review and update compliance policies and governance structures.
Required Qualifications & Skills:
Minimum Educational Requirements:
- Bachelor’s degree in Information Technology, Computer Science, Business Administration, or a related field.
Technical & Regulatory Skills:
- Certification in Governance, Risk, and Compliance (CGEIT, CRISC, ISO 27001, ITIL, or equivalent).
- Strong knowledge of national cybersecurity regulations and governance frameworks in Saudi Arabia (DGA - Qiyas, NCA, SAMA Cybersecurity Framework).
- Experience in IT risk management, compliance monitoring, and regulatory audits.
- Familiarity with governance frameworks like COBIT and ITSM methodologies.
- Strong analytical, problem-solving, and decision-making skills.
- Excellent communication and reporting skills to present findings and recommendations.
Experience Requirements:
- Minimum of 3 years of experience in governance, risk management, and compliance.
- Proven track record in developing governance frameworks and implementing compliance controls.
- Previous experience working with regulated industries such as banking, government, or healthcare is preferred.
Preferred Qualifications:
- Knowledge of cybersecurity policies, incident response, and data protection laws.
- Certification in COBIT, PMP, or Lean Six Sigma for process improvement.