GRC Implementation Specialist

Overview

• Full-time
• 1x Vacant
• Competitive + Benefits

Apply Now

Responsibilities

• Framework Operationalization: Design, document, and implement comprehensive GRC frameworks aligned with global standards (NIST CSF, ISO 27001/27005, COBIT) and regional mandates (UAE NESA, SAMA Cybersecurity Framework, CBUAE).
• Control Design: Translate complex regulatory requirements into practical, measurable IT General Controls (ITGC) and operational procedures for enterprise IT teams.
• Platform Architecture & Automation: Assist clients in evaluating, architecting, and optimizing top-tier GRC and IRM platforms (such as RSA Archer, MetricStream, ServiceNow GRC, AuditBoard, or OneTrust) to automate control testing and continuous monitoring, always maintaining our strictly vendor-agnostic advisory stance.
• Risk Assessments: Conduct end-to-end cyber risk assessments, gap analyses, and third-party vendor risk management (TPRM) reviews.
• Data Governance & Privacy: Support the implementation of data protection programs to ensure compliance with regional privacy laws (e.g., UAE PDPL).
• Stakeholder Enablement: Conduct risk workshops and training sessions to embed a culture of security and compliance across client organizations.

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.
• Minimum of 3-5 years of dedicated experience in Cyber GRC, Technology Risk, or IT Audit.
• Required Certifications: Must hold or be actively pursuing premier industry certifications such as CRISC, CISA, CISM, or CDPSE.
• Vendor Ecosystem Experience: Proven hands-on experience deploying, configuring, or auditing major enterprise GRC/IRM solutions (e.g., MetricStream, RSA Archer, ServiceNow, Diligent/Galvanize).
• Deep, practical expertise in mapping out control matrices and writing enterprise-grade security policies and procedures.
• Proven experience navigating the GCC regulatory landscape (NESA, SAMA, NCA) is highly preferred.
• Exceptional stakeholder management skills, with the ability to lead risk discussions with both technical engineers and business-unit leaders.

What We Offer

• A competitive compensation package tailored to your expertise, complete with comprehensive benefits.
• The agility and autonomy of a specialized advisory boutique—step out of the “Big-4 machine” and directly own your project deliverables.
• Exposure to complex, high-stakes enterprise environments across the UAE, KSA, US, and Australia.
• A dedicated commitment to your professional growth, including funded certification paths and continuous training in emerging tech governance (e.g., AI and Cloud Risk).
• If you are passionate about transforming compliance from a “tick-box” exercise into a strategic business enabler, we want you on our team.

Linkedin And Portfolio

Apply Now