GRC Specialist – Digital Transformation

Job Summary

Governance & Policy Management

• Develop and maintain IT and digital governance frameworks
• Establish policies, standards, and procedures for digital initiatives
• Ensure governance alignment across cloud, AI, automation, and data projects
• Support enterprise-wide digital risk governance programs

Risk Management

• Conduct IT and cybersecurity risk assessments
• Identify risks associated with cloud migration, digital platforms, AI, and third-party vendors
• Maintain risk registers and track remediation actions
• Evaluate control effectiveness and recommend improvements

Compliance & Regulatory

• Ensure compliance with regulations and standards such as:
• ISO 27001
• NIST
• GDPR
• PCI DSS
• Support internal and external audits
• Monitor regulatory updates and ensure organizational compliance

Digital Transformation Support

• Participate in digital transformation and technology modernization projects
• Review security and compliance requirements during solution design
• Collaborate with project teams to ensure risk mitigation strategies are implemented
• Support cloud governance and digital control implementation

Security & Controls

• Review access management controls and segregation of duties
• Support cybersecurity governance activities
• Assess third-party and vendor risks
• Ensure business continuity and disaster recovery controls are maintained

Reporting & Stakeholder Management

• Prepare governance and compliance reports for management
• Present risk findings and recommendations to stakeholders
• Coordinate with internal audit, legal, compliance, and IT teams

Required Qualifications

• Bachelor’s degree in:
• Information Technology
• Cybersecurity
• Computer Science
• Business Administration
• Risk Management

Preferred Certifications

• CISA
• CRISC
• CISSP

• ISO 27001 Lead Implementer/Auditor

• COBIT Foundation

Technical Skills

• IT governance and risk management
• Cybersecurity fundamentals
• Cloud governance awareness
• Compliance and audit management
• Data privacy and information security

Soft Skills

• Analytical thinking
• Problem-solving
• Communication and presentation
• Stakeholder management
• Documentation and reporting

Experience

• 3–7 years of experience in:
• GRC
• IT risk
• Cybersecurity governance
• Compliance
• Digital transformation projects

Preferred Experience In Industries Such As

• Banking
• Government
• Telecom
• Healthcare
• Technology

Experience With

• ServiceNow GRC
• Archer
• MetricStream
• SAP GRC
• Microsoft security and cloud environments

Key Performance Indicators (KPIs)

• Compliance audit success rate
• Risk remediation closure timelines
• Policy compliance adherence
• Reduction in technology and security risks
• Governance maturity improvement