Job Description

Job Overview:

The

Senior / lead of GRC

is a

key executive leader

responsible for ensuring the organization's

governance, risk management, and compliance frameworks

are well-defined, implemented, and aligned with business objectives. This role ensures that

DIGITAL governance, regulatory compliance, risk management, and cybersecurity frameworks

effectively support business operations.


This role involves

overseeing DIGITAL risk management, regulatory compliance, internal controls, and policy development

, ensuring

alignment between DIGITAL, security, legal, and business leaders

. The

Senior / lead of GRC

also plays a key role in

defining audit strategies, improving governance models, and ensuring continuous risk monitoring

.

Key Responsibilities

1. Governance & DIGITAL Compliance Leadership

Partners with executive leadership

to define and execute the

GRC vision and strategy

. Establishes

strategic governance principles

, ensuring DIGITAL and business practices align with compliance requirements. Oversees the development of

DIGITAL risk management frameworks, methodologies, and policies

to enhance compliance. Ensures

regulatory and legal compliance

across DIGITAL systems, policies, and practices. Implements and enforces

GRC frameworks

to standardize

risk and compliance measures

across the organization.

2. Risk Management & Cybersecurity Oversight

Develops

risk assessment methodologies

to identify and mitigate DIGITAL security, data privacy, and operational risks. Oversees

cybersecurity compliance programs

, ensuring policies align with

industry standards (ISO 27001, NIST, GDPR, etc.)

. Establishes a

risk mitigation strategy

to prevent financial, operational, and reputational damage. Regularly reviews DIGITAL

risk exposure

, ensuring alignment with business risk tolerance levels. Works with cyber security teams to

monitor security threats, incidents, and response frameworks

.

3. Compliance & Audit Management

Leads

compliance audits and assessments

, ensuring adherence to local and international regulations. Engages with

external auditors, regulators, and compliance authorities

, ensuring transparency in reporting. Establishes

performance metrics

to measure compliance effectiveness and drive continuous improvements. Develops and enforces

business continuity and disaster recovery frameworks

to reduce operational risks. Provides guidance on

ethical business conduct, data protection laws, and financial reporting regulations

.

4. Enterprise-Wide Influence & Collaboration

Acts as a

trusted advisor

to the board, CIO, CISO, and business unit leaders on

risk management strategies

. Leads

cross-functional collaboration between DIGITAL, legal, security, and operations teams

. Ensures

vendor compliance and third-party risk management programs

are in place. Works closely with

regulatory bodies and industry groups

to stay updated on new compliance requirements.

5. Policy Development & Training

Establishes

GRC policies, controls, and best practices

to guide corporate governance. Conducts

GRC training programs

for DIGITAL and business units, ensuring awareness of security policies. Ensures a

culture of compliance and ethical business practices

across all departments. Develops

incident response protocols and crisis management procedures

to handle security breaches.

Primary Contacts

CIO, CISO, and DIGITAL leadership teams

Executive leadership team

(Legal, Finance, HR, Risk, and Compliance officers)

Regulatory bodies, auditors, and industry compliance authorities

Security teams, DIGITAL governance managers, and third-party vendors

Qualifications & Experience

Education:

Bachelor's or Master's degree in

Business Administration, cyber Security, Law, or a related field

.

Experience:

15+ years

of experience in

GRC, risk management, DIGITAL compliance, or cybersecurity governance

.

5-7 years of leadership experience

, managing risk, compliance, or DIGITAL governance teams. Experience working with

financial, legal, and security risk frameworks

.

Skills:

Strong

knowledge of regulatory frameworks (GDPR, ISO 27001, NIST, SOX, etc.)

. Expertise in

risk management, compliance audits, financial risk assessments, and digital governance

. Ability to

influence and communicate compliance strategies

to executive stakeholders. * Strong

analytical, investigative, and reporting skills

for compliance monitoring.