Job matched to your search
GRC Consultant (saudi only)
HCLTech · Riyadh
Free · Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.
Job description
SAUDI ONLY
Job Description: The GRC Consultant supports the delivery of Governance, Risk, and Compliance (GRC) services, assisting senior team members in executing client projects.
Responsibilities:
· Assist in gathering and analyzing data for GRC assessments.
· Support the preparation of assessment reports, governance documentation, and client presentations.
· Lead the preparation and execution of external audits for ISO 27001 and SOC 2 (Type 1 & 2) certifications.
· Manage compliance with local Saudi regulations, specifically NCA ECC and SAMA cybersecurity frameworks, also perform assessments for different frameworks (e.g., ISO 27001, NDI Controls, NCA-Frameworks- ECC, CSCC, DCC, TCC & OSMACC, and other best practices.
· Collaborate with senior consultants on the development and implementation of policies, procedures, frameworks, etc.
· Develop and implement policies, procedures, and controls that ensure compliance with laws, regulations, and industry standards.
· Participate in client workshops and project meetings.
· Liaise with cross-functional teams (GRC, IT, legal, audit, operations) to support secure and compliant business operations.
· Assist in the selection and implementation of GRC software solutions to automate processes and improve reporting capabilities.
· Stay informed about industry trends, regulatory changes, and emerging risks to provide proactive advice to clients.
· Evaluate third-party vendors for compliance with security standards and risk management requirements.
· Provide input into enterprise risk management processes from a cybersecurity perspective.
· Track and report key GRC metrics and issues to stakeholders and executive leadership.
Minimum Requirements : Bachelor's degree in Cybersecurity, Information Technology, or related fields.
· Basic understanding of cybersecurity concepts, Internal Audit, Risk management, and compliance standards along with 5-6 years of relevant experience
· Certifications such as CISM /CISSP, CompTIA Security+, ISO 27001 Lead Implementor, SSCP & ITIL or equivalent are a plus.
· Experience with GRC platforms & ITSM knowledge is plus
Competencies :
· Strong analytical and problem-solving skills.
· Effective communication skills (verbal and written).
· Attention to detail in documentation and reporting.
· Team-oriented mindset with a proactive attitude.
More jobs in Riyadh
Browse related jobs
Don’t just read the job — see if you’ll get it.
Get your match score, a resume tailored to this exact role, and jobs like it — free.
Check my fit for this job