GRC Consultant

Responsibilities

• Develop, implement, and maintain governance, risk, and compliance (GRC) frameworks.
• Conduct risk assessments and define mitigation strategies across IT and business processes.
• Design and enforce policies, standards, and controls aligned with regulatory requirements (ISO 27001, NCA, CBE, SAMA, etc.).
• Support audits and compliance reviews, providing documentation and recommendations.
• Design and maintain Role-Based Access Control (RBAC) models aligned with business functions
• Manage access governance, including RBAC, SoD, and periodic access reviews.
• Assist in broader GRC activities, including risk assessments, policy compliance, and control monitoring.

Qualifications

• 3+ years in GRC, IT risk, or IAM governance roles.
• Knowledge of risk management frameworks and regulations.
• Strong understanding of RBAC and SoD principles and access governance processes.
• Excellent analytical, problem-solving, and stakeholder management skills.
• Excellent stakeholder management and communication abilities.
• Familiarity with GRC tools (e.g., RSA Archer, ServiceNow GRC) is preferred.
• Flexibility to travel within the GCC region when necessary.