GRC Consulting Lead

About the role

The GRC Consulting Lead will drive the design and implementation of a Governance, Risk, and Compliance framework for a public‑sector client, ensuring alignment with international standards and local Digital Government Authority requirements. You will act as the primary client liaison, steering both strategic and technical aspects of the project.

Key responsibilities

• Design an integrated GRC framework that supports the client’s organizational objectives.
• Manage project plans, timelines, and deliverables in close coordination with stakeholders.
• Produce executive reports for senior management and communicate risk mitigation strategies.
• Apply ISO 38500 IT governance standards at board and executive levels.
• Guide risk‑management policy creation in line with ISO 31000 and DGA mandates.
• Review compliance audit results and validate control effectiveness.
• Lead workshops and capability‑building sessions for client teams.
• Oversee configuration of ServiceNow and Archer GRC/IRM modules.
• Ensure integration with ITIL and ISO 20000 operational processes.
• Approve final documentation before client delivery.

Required profile

• Bachelor’s degree in IT, Business Administration or a related field.
• Minimum 7 years of experience in GRC or IT governance.
• At least 3 years leading consulting projects for government or large organisations.
• Relevant certifications such as CGEIT, CRISC, CISA, CISSP, ISO 38500 Foundation/Lead Implementer, ISO 20000 Lead Auditor/Implementer, PMP or PRINCE2.

Required skills

• Hands‑on experience with ServiceNow GRC modules.
• Hands‑on experience with Archer GRC/IRM modules.
• Deep knowledge of ISO 38500, ISO 20000, ISO 31000, ISO 27001.
• Familiarity with ITIL v4, COBIT 2019 and NIST frameworks.
• Understanding of Digital Government Authority (DGA) and National Cybersecurity Authority (NCA) requirements.