Job Description:
We are seeking a motivated and detail-oriented Governance, Risk, and Compliance (GRC) Specialist to join our team. This role will play a critical part in the development and management of our GRC framework, ensuring adherence to applicable laws, regulations from the National Cybersecurity Authority (NCA), and AWQAF policies. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a proactive approach to fostering a culture of compliance across the organization.
Key Responsibilities:
- GRC Framework Management: Aid in the creation, implementation, and ongoing management of the GRC framework to ensure compliance with relevant laws and policies.
- Vendor Analysis: Assist in analyzing and selecting IT vendors and solutions to enhance organizational security and compliance.
- Awareness Development: Support the development of resources and materials to raise awareness about governance and compliance within the organization.
- Compliance Consultation: Provide guidance and advice on compliance issues to various departments, promoting a culture of compliance throughout the organization.
- Compliance Oversight Assessment: Evaluate the effectiveness of the compliance program and provide recommendations for enhancements to senior management.
- Risk Evaluation: Conduct thorough risk evaluations to identify potential compliance weaknesses and develop strategies to address these risks.
- Audit Support: Assist in auditing and inspecting processes to support internal and external audits, ensuring prompt resolution of identified issues.
- Interdepartmental Collaboration: Collaborate with other departments to promote awareness and adherence to compliance obligations.
- Regulatory Updates: Stay informed on regulatory changes and relay pertinent information to relevant teams to ensure compliance.
- Reporting: Compile and deliver detailed compliance reports to senior management and external regulatory authorities.
Required Skills and Qualifications:
- Educational Background: Bachelor’s degree in Business Administration, Information Technology, Cybersecurity, or a related field. A master’s degree or relevant certifications (e.g., CISM, CISA, CRISC, ISO 27001) are a plus.
- Experience: Minimum of 3 years of experience in governance, risk, and compliance, preferably in a cybersecurity or IT environment.
- Regulatory Knowledge: Strong understanding of applicable laws and regulations, particularly those related to cybersecurity and data protection.
- Analytical Skills: Excellent analytical and problem-solving skills, with the ability to assess compliance risks and recommend effective solutions.
- Communication Skills: Strong verbal and written communication skills, with the ability to effectively convey complex compliance concepts to diverse audiences.
- Interpersonal Skills: Ability to work collaboratively across departments, fostering relationships and promoting a culture of compliance.
- Detail-Oriented: Strong attention to detail, ensuring accuracy and thoroughness in compliance assessments and reporting.
- Adaptability: Ability to stay updated on regulatory changes and adjust strategies and processes accordingly.