Key Responsibilities:
GRC Leadership
- Develop and execute the organization's Governance, Risk, and Compliance strategy.
- Lead and mentor the GRC team while driving continuous improvement initiatives.
- Define KPIs and performance metrics for GRC operations.
Governance & Compliance
- Establish and maintain governance frameworks, policies, and procedures.
- Ensure compliance with applicable regulations, standards, and industry best practices.
- Lead internal and external compliance assessments and audits.
Enterprise Risk Management
- Develop and oversee enterprise risk management frameworks.
- Conduct risk assessments and recommend mitigation strategies.
- Monitor organizational risks and ensure effective risk treatment plans.
Training & Awareness
- Promote a culture of governance, compliance, and risk awareness.
- Develop and deliver GRC awareness and training programs.
Stakeholder Engagement
- Collaborate with executive leadership, Legal, IT, Operations, and external regulators.
- Present executive reports and compliance updates to senior management.
Qualifications:
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business Administration, or a related field.
- Master's degree is preferred.
Experience:
- Minimum of 10 years of experience in Governance, Risk, and Compliance (GRC).
- At least 5 years in a leadership or management role.
- Proven experience implementing enterprise GRC frameworks.
- Experience in cybersecurity consulting or technology organizations is highly preferred.
Technical Skills:
- Enterprise Risk Management
- Governance Frameworks
- Regulatory Compliance
- ISO/IEC 27001
- NCA ECC
- SAMA Cybersecurity Framework (Preferred)
- Risk Assessments
- Policy Development
- Internal & External Audits
- Executive Reporting
Preferred Certifications:
- CISSP
- CISM
- CRISC
- ISO/IEC 27001 Lead Implementer
- ISO/IEC 27001 Lead Auditor
- CGEIT (Preferred)
Soft Skills:
- Excellent leadership and stakeholder management skills.
- Strong communication and presentation abilities.
- Strategic planning and decision-making.
- Analytical mindset with strong problem-solving capabilities.
- Ability to manage multiple priorities in a dynamic environment.