GRC Specialist – Governance, Risk & Compliance(Arabic Speakers)

Role Purpose

Governance & Compliance

• Support the implementation and continuous improvement of enterprise Governance, Risk, and Compliance (GRC) frameworks in alignment with ISO 31000, ISO 27001, ISO 37301, ISO 22301, ISO 20000, ISO/IEC 42001, and relevant UAE federal governance requirements.
• Develop, review, and maintain governance policies, standards, procedures, guidelines, and control frameworks across areas including Digital Governance, Information Security, Business Continuity, IT Service Management, AI Governance, Audit, and Compliance Management.
• Coordinate with internal stakeholders to ensure compliance with UAE federal regulations, TDRA digital government requirements, UAE Personal Data Protection Law (PDPL), UAE IA/NESA standards, and other applicable regulatory obligations.
• Support governance reviews, policy exception management, compliance assessments, and follow-up activities related to audit observations and corrective action plans.
• Assist in preparing governance reports, dashboards, executive summaries, and compliance updates for management and governance committees.
• Track governance KPIs, KRIs, audit observations, and remediation activities to support continuous improvement and risk visibility across the Ministry.

Risk Management

• Assist in identifying, assessing, monitoring, and reporting enterprise, operational, technology, cybersecurity, and AI-related risks.
• Maintain enterprise risk registers, mitigation plans, governance dashboards, and risk reporting documentation.
• Support risk assessments, control evaluations, and mitigation activities across projects, systems, operational environments, and digital initiatives.
• Coordinate with relevant stakeholders to monitor risk treatment actions and escalate critical risks where required.
• Contribute to business continuity, operational resilience, and disaster recovery governance activities.

AI Governance & Responsible AI

• Contribute to the implementation and continuous enhancement of AI governance and Responsible AI practices across the Ministry.
• Support the maintenance of AI model inventories, governance documentation, and AI lifecycle records.
• Assist in monitoring AI-related risks including fairness, transparency, explainability, privacy, ethical usage, human oversight, and Generative AI risks.
• Coordinate with relevant teams to ensure AI initiatives and digital solutions are aligned with approved governance, compliance, and risk management practices.
• Support alignment with frameworks such as NIST AI RMF, ISO/IEC 42001, UAE AI Governance principles, and related Responsible AI standards.
• Participate in governance reviews related to AI usage, third-party AI solutions, and emerging AI technologies.

Security, Privacy & Digital Governance

• Support implementation and monitoring of information security controls aligned with ISO 27001 and related governance frameworks.
• Assist in privacy and data protection initiatives including PIMS / ISO 27701 related activities.
• Coordinate with IT, cybersecurity, enterprise architecture, and digital teams to ensure governance and control measures are embedded within systems, platforms, and digital services.
• Support digital governance activities related to enterprise systems, digital transformation initiatives, technology standards, and architecture compliance reviews.
• Contribute to governance assessments related to operational resilience, service continuity, and digital compliance requirements.

Stakeholder Collaboration & Reporting

• Work closely with business, IT, cybersecurity, legal, compliance, audit, data, and AI teams to strengthen governance and risk management practices across the Ministry.
• Support awareness sessions, workshops, and training initiatives related to GRC, information security, compliance, and Responsible AI.
• Prepare presentations, governance reports, dashboards, and management updates for leadership and relevant committees.
• Participate in governance meetings, working groups, and cross-functional initiatives related to risk, compliance, and digital governance.

Tools & Technologies

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, Information Technology, Business Technology, Risk Management, or a related field.
• Master’s degree or MBA is considered an advantage.
• Minimum 8–10 years of relevant experience in Governance, Risk, Compliance, Information Security, Digital Governance, or Enterprise Risk Management.
• Experience within government entities or large enterprise environments is preferred.

Preferred Certifications

• ISO 27001 Lead Auditor / Lead Implementer

• Iso 22301 Bcms

• CISSP, CISA, CISM, CRISC, CGRC, CRMA, PMI-RMP

• COBIT / ITIL Certifications

• AI Governance or Responsible AI related certifications are considered an advantage.

Core Skills & Competencies

• Strong understanding of governance, risk, compliance, and regulatory environments.
• Good understanding of digital governance, cybersecurity governance, and enterprise risk management practices.
• Familiarity with AI/ML governance concepts and Responsible AI principles.
• Experience in policy development, audit coordination, compliance assessments, and governance reporting.
• Strong analytical, documentation, communication, and stakeholder management skills.
• Ability to work across multiple teams and manage competing priorities effectively.

Key Success Indicators

• Effective implementation and enhancement of governance and compliance initiatives.
• Improved visibility of enterprise and technology risks through effective governance reporting and dashboards.
• Successful support of audit, compliance, and regulatory activities.
• Adoption and operationalization of governance and Responsible AI practices across the Ministry.
• Timely closure of governance observations, compliance gaps, and risk mitigation actions.