GRC Consulting Lead

About the role

The GRC Consulting Lead will drive the design and implementation of a Governance, Risk, and Compliance framework for a major client, ensuring alignment with international standards and local regulatory requirements. This senior position serves as the primary liaison with the client’s executive team and guides the technical delivery on ServiceNow and Archer platforms.

Key responsibilities

• Lead the creation of an integrated GRC framework that supports the client’s strategic objectives.
• Manage project plans, timelines, and deliverables while coordinating with stakeholders.
• Prepare and present executive reports to senior management.
• Identify risks and critical issues, proposing mitigation actions.
• Apply ISO 38500 IT governance standards at board and executive levels.
• Design risk‑management policies in line with ISO 31000 and Digital Government Authority (DGA) requirements.
• Review compliance audit results and validate control effectiveness.
• Conduct awareness workshops and capability‑building sessions for client teams.
• Oversee configuration of GRC/IRM modules in ServiceNow and Archer.
• Ensure integration with operational processes according to ITIL and ISO 20000.
• Approve and review all delivery documentation before client submission.

Required profile

• Bachelor’s degree in IT, Business Administration or a related field.
• Minimum 7 years of experience in GRC or IT governance.
• At least 3 years leading consulting projects for government or large organisations.
• Relevant certifications such as CGEIT, CRISC, CISSP, ISO 38500 Foundation, ISO 20000 Lead Auditor/Implementer, PMP or Prince2.

Required skills

• Strong expertise in designing GRC frameworks and risk/compliance policies.
• Hands‑on experience with ServiceNow GRC/IRM modules.
• Hands‑on experience with Archer GRC/IRM modules.
• Deep knowledge of ISO 38500, ISO 20000, ISO 31000, ISO 27001 standards.
• Familiarity with ITIL v4, COBIT 2019 and NIST frameworks.