Head of Governance, Risk & Compliance (Legal)

Job Title:

Head of Governance, Risk & Compliance (Legal)

Job Summary:

The Head of Legal, Governance, Risk & Compliance (GRC) leads and oversees the organization's legal, governance, risk management, and compliance functions. This executive role ensures the organization operates in full compliance with applicable laws and regulations, effectively manages operational, financial, and strategic risks, and maintains robust governance frameworks. The position provides strategic guidance to the CEO and Board of Directors while fostering a culture of accountability, transparency, and ethical business practices.

Key Responsibilities:

Governance & Legal Oversight

Develop, implement, and continuously enhance governance frameworks, including policies, charters, bylaws, codes of conduct, and internal regulations.

Lead legal functions and provide advice on corporate, commercial, employment, and regulatory matters.

Coordinate Board and committee meetings, prepare agendas, briefings, and minutes, and ensure timely follow-up on resolutions.

Ensure alignment with national regulations, international governance standards, and industry best practices (e.g., ISO 37301, ISO 37000, COSO).

Act as the primary liaison with regulators, auditors, and external legal counsel.

Risk Management

Develop, implement, and oversee enterprise risk management frameworks.

Identify, assess, and monitor strategic, operational, financial, and compliance risks.

Maintain and update the enterprise risk register and ensure mitigation actions are tracked to closure.

Support business continuity, disaster recovery, and crisis management planning.

Compliance & Regulatory Management

Ensure compliance with local, regional, and international laws and regulations, including licensing, financial, legal, and data protection requirements.

Manage compliance audits, readiness assessments, and regulatory reporting obligations.

Track non-conformities and corrective actions and manage responses to regulatory inquiries.

Conduct internal investigations and provide guidance on ethics, integrity, and compliance matters.

Promote privacy-by-design and data protection practices across all business units.

Training & Awareness

Design and deliver training programs on governance, compliance, risk management, ethics, and corporate policies.

Foster a culture of risk awareness, integrity, and ethical conduct throughout the organization.

Reporting & Advisory

Provide regular reports and strategic recommendations to the CEO, executive management, and Board of Directors on legal, risk, compliance, and governance matters.

Advise leadership on risk exposure, compliance obligations, and governance improvements.

Qualifications & Skills:

Bachelor's or Master's degree in Law, Governance, Risk Management, Business Administration, Finance, or related fields.

1015 years of experience in governance, legal advisory, compliance, risk management, or internal audit.

Professional certifications preferred: CRMA, CIA, CISA, CISM, CRISC, GRCP, CCO, ISO 31000, ISO/IEC 27001 Lead Implementer/Auditor.

Proven experience in regulated environments, listed companies, or multinational organizations.

Strong leadership, strategic thinking, and decision-making abilities.

Excellent communication, negotiation, analytical, and stakeholder management skills.

Experience implementing enterprise-wide GRC frameworks and systems.

Preferred Skills & Experience:

Exposure to digital risk management and enterprise risk frameworks.

Strong knowledge of corporate governance, legal frameworks, and compliance standards relevant to regulated sectors (e.g., IT, Telecom, or Financial Services).

Proven track record in driving cultural change toward accountability, transparency, and ethical business practices.

Reporting Line:

Reports directly to the CEO and works closely with the Board of Directors.