Contract Type: Full-time
Workplace type: On-site
Location: Riyadh

Job Description

About the GRC Consultant Role

HCLTech is seeking a GRC Consultant for a full-time position in Riyadh. This role supports the delivery of Governance, Risk, and Compliance (GRC) services, assisting senior team members in executing client projects. The ideal candidate will have 5-10 years of relevant experience.

Key Responsibilities

The GRC Consultant will be involved in various aspects of GRC service delivery. Key responsibilities include:

  • Assisting in the gathering and analysis of data for GRC assessments.
  • Supporting the preparation of assessment reports, governance documentation, and client presentations.
  • Collaborating with senior consultants on the development and implementation of policies, procedures, and frameworks.
  • Participating in client workshops and project meetings.
  • Liaising with cross-functional teams, including GRC, IT, legal, audit, and operations, to support secure and compliant business operations.
  • Assisting in the selection and implementation of GRC software solutions to automate processes and improve reporting capabilities.
  • Evaluating third-party vendors for compliance with security standards and risk management requirements.
  • Providing input into enterprise risk management processes from a cybersecurity perspective.
  • Tracking and reporting key GRC metrics and issues to stakeholders and executive leadership.

Specific Duties and Compliance Management

This role also entails specific responsibilities related to audits and regulatory compliance:

  • Leading the preparation and execution of external audits for ISO 27001 and SOC 2 (Type 1 & 2) certifications.
  • Managing compliance with local Saudi regulations, specifically NCA ECC and SAMA cybersecurity frameworks.
  • Performing assessments for various frameworks including ISO 27001, NDI Controls, NCA Frameworks (ECC, CSCC, DCC, TCC & OSMACC), and other best practices.
  • Developing and implementing policies, procedures, and controls to ensure compliance with laws, regulations, and industry standards.
  • Staying informed about industry trends, regulatory changes, and emerging risks to provide proactive advice.

Qualifications and Experience

Candidates for this position should possess the following qualifications:

  • A Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • A foundational understanding of cybersecurity concepts, internal audit, risk management, and compliance standards.
  • Relevant experience ranging from 5 to 10 years.
  • Certifications such as CISM, CISSP, CompTIA Security+, ISO 27001 Lead Implementer, SSCP, or ITIL are considered a plus.
  • Experience with GRC platforms and ITSM knowledge are also advantageous.

Required Competencies

Successful candidates will demonstrate the following competencies:

  • Strong analytical and problem-solving skills.
  • Effective communication skills, both verbal and written.
  • A high degree of attention to detail in documentation and reporting.
  • A team-oriented mindset coupled with a proactive attitude.

Requirements

  • For Saudis Only
  • Requires 5-10 years of experience
