Job Description
Overview
Join us as a Governance, Risk & Compliance (GRC) Manager to enhance and steer our IT governance, risk, and compliance initiatives in accordance with the SAMA IT Governance Framework and internationally recognized standards. The ideal candidate will possess substantial expertise in the banking and financial sectors along with a proven history of achieving regulatory compliance, managing IT risks, and implementing enterprise governance frameworks such as COBIT, ITIL, and ISO.
Key Responsibilities
- Formulate, execute, and oversee the IT Governance & Compliance framework across the entire organization.
- Guarantee comprehensive adherence to the SAMA IT Governance Framework (ITGF), regional regulatory requirements, and international benchmarks (including COBIT, ISO 27001, ISO 20000, ITIL).
- Conduct IT audits, risk evaluations, and compliance assessments to ascertain robust controls and mitigate risks effectively.
- Spearhead organization-wide risk management strategies coupled with regulatory compliance initiatives.
- Supervise policies, procedures, and process enhancements aimed at reinforcing governance and operational excellence.
- Partner with internal teams and external regulators (e.g., SAMA) to maintain audit preparedness and compliance.
- Direct the planning for business continuity and disaster recovery (BCP & DRP) applicable to IT operations.
- Provide strategic consultation on IT contracts, budgets, licensing compliance, and vendor management.
- Mentor and guide teams regarding best practices in IT governance, security, and compliance.
Qualifications & Experience
- Bachelor's or Master's degree in IT, Finance, or a relevant field (MBA/Engineering advantageous).
- 10+ years of experience in IT Governance, Risk, and Compliance, including 5 years specifically in the banking or financial services sector.
- Practical experience in implementing the SAMA IT Governance Framework (ITGF) or similar regulatory standards.
- In-depth knowledge of COBIT, ITIL, ISO 27001, ISO 20000, NIST, PCI DSS.
- Confirmed expertise in IT audits, regulatory compliance, and risk management.
- Preferred certifications include: CISA, CISM, CISSP, CGEIT, GRCP/GRCA, COBIT2019, ITIL.
- Outstanding leadership, stakeholder interaction, and communication abilities.
- Experience in Saudi Arabia or the GCC region is an added advantage.
Job Requirements
We are seeking an experienced Governance, Risk & Compliance (GRC) Manager to lead IT governance, risk, and compliance initiatives in alignment with the SAMA IT Governance Framework and international best practices. The ideal candidate will bring extensive experience in banking/financial services and a strong track record in regulatory compliance, IT risk management, and enterprise governance frameworks (COBIT, ITIL, ISO).
Key Responsibilities
- Develop, implement, and manage the IT Governance & Compliance framework across the organization.
- Ensure full alignment with the SAMA IT Governance Framework (ITGF), local regulatory requirements, and global standards (COBIT, ISO 27001, ISO 20000, ITIL).
- Lead IT audits, risk assessments, and compliance reviews to ensure effective controls and mitigate risks.
- Drive enterprise-wide risk management strategies and regulatory compliance initiatives.
- Oversee policies, procedures, and process improvements to strengthen governance and operational excellence.
- Collaborate with internal stakeholders and external regulators (e.g., SAMA) to ensure audit readiness and compliance.
- Lead business continuity and disaster recovery planning (BCP & DRP) for IT operations.
- Provide strategic advisory on IT contracts, budgets, licensing compliance, and vendor management.
- Coach and guide teams on IT governance, security, and compliance best practices.
Qualifications & Experience
- Bachelor’s or Master’s degree in IT, Finance, or a related field (MBA/Engineering preferred).
- 10+ years of experience in IT Governance, Risk, and Compliance, with at least 5 years in banking or financial services.
- Hands-on experience with the SAMA IT Governance Framework (ITGF) implementation or equivalent regulatory frameworks.
- Strong knowledge of COBIT, ITIL, ISO 27001, ISO 20000, NIST, PCI DSS.
- Proven experience in IT audits, regulatory compliance, and risk management.
- Certifications preferred: CISA, CISM, CISSP, CGEIT, GRCP/GRCA, COBIT2019, ITIL.
- Excellent leadership, stakeholder management, and communication skills.
- Prior experience in Saudi Arabia or the GCC region is a strong plus.