Skip to sign up

Job matched to your search

GRC Consultant (saudi only)

HCLTech · Riyadh

Riyadh · On-siteFull-TimePosted Jun 28, 2026

Free · Join 5,000+ job seekers using Qarera

How well do you match this role?

Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.

↑ tap the skills you have
Loading sign-in…
Free · no credit card · 30 seconds

Job description

SAUDI ONLY

Job Description: The GRC Consultant supports the delivery of Governance, Risk, and Compliance (GRC) services, assisting senior team members in executing client projects.

Responsibilities:

· Assist in gathering and analyzing data for GRC assessments.

· Support the preparation of assessment reports, governance documentation, and client presentations.

· Lead the preparation and execution of external audits for ISO 27001 and SOC 2 (Type 1 & 2) certifications.

· Manage compliance with local Saudi regulations, specifically NCA ECC and SAMA cybersecurity frameworks, also perform assessments for different frameworks (e.g., ISO 27001, NDI Controls, NCA-Frameworks- ECC, CSCC, DCC, TCC & OSMACC, and other best practices.

· Collaborate with senior consultants on the development and implementation of policies, procedures, frameworks, etc.

· Develop and implement policies, procedures, and controls that ensure compliance with laws, regulations, and industry standards.

· Participate in client workshops and project meetings.

· Liaise with cross-functional teams (GRC, IT, legal, audit, operations) to support secure and compliant business operations.

· Assist in the selection and implementation of GRC software solutions to automate processes and improve reporting capabilities.

· Stay informed about industry trends, regulatory changes, and emerging risks to provide proactive advice to clients.

· Evaluate third-party vendors for compliance with security standards and risk management requirements.

· Provide input into enterprise risk management processes from a cybersecurity perspective.

· Track and report key GRC metrics and issues to stakeholders and executive leadership.

Minimum Requirements : Bachelor's degree in Cybersecurity, Information Technology, or related fields.

· Basic understanding of cybersecurity concepts, Internal Audit, Risk management, and compliance standards along with 5-6 years of relevant experience

· Certifications such as CISM /CISSP, CompTIA Security+, ISO 27001 Lead Implementor, SSCP & ITIL or equivalent are a plus.

· Experience with GRC platforms & ITSM knowledge is plus

Competencies :

· Strong analytical and problem-solving skills.

· Effective communication skills (verbal and written).

· Attention to detail in documentation and reporting.

· Team-oriented mindset with a proactive attitude.

Don’t just read the job — see if you’ll get it.

Get your match score, a resume tailored to this exact role, and jobs like it — free.

Check my fit for this job
Loading sign-in…
Apply →