GRC Team Lead

We are looking for a Head of GRC

This role leads a multi-disciplinary GRC team, driving governance, risk, and compliance across the organization. You will define and implement policies, procedures, and standards, ensure adherence to regulatory frameworks (ISO 27701, 27001, 27017, 27035), manage risk assessments, and oversee internal and external audits.

🛠 Key Responsibilities

• Lead a multi-disciplinary GRC team, managing governance, risk, and compliance activities
• Develop, implement, and maintain organizational policies, procedures, and standards in information security, privacy, and compliance
• Manage and implement regulatory and standards compliance programs (ISO 27701, 27001, 27035, 27017, and other relevant regulations)
• Conduct risk assessments for systems and business processes and oversee risk mitigation plans
• Plan and support internal and external audits in cybersecurity, privacy, and regulatory compliance
• Oversee supplier and third-party risk management (SCRM), including vendor classification, surveys, and contract compliance
• Drive cyber risk awareness programs and internal training initiatives
• Monitor regulatory changes and analyze their implications for the organization
• Collaborate closely with cross-functional teams including infrastructure, digital, procurement, legal, risk management, and business units

✅ Requirements

• 5+ years of experience in GRC
• Proven experience implementing ISO 27001, 27017, 27035 in complex organizations
• Experience developing policies, procedures, and translating regulatory requirements into actionable guidance
• Experience interfacing with regulators and preparing for audits
• Experience leading cyber awareness and training programs
• Strong knowledge of SCRM, including vendor risk assessment and integrating controls in procurement and contracts
• Excellent writing, presentation, and communication skills in English
• Hands-on experience in risk management (cyber or operational)
• Experience leading internal and external audits for information security and compliance
• Strong analytical thinking, problem-solving skills, and systems-level perspective
• Ability to work in a fast-paced, multi-stakeholder environment

If you are passionate about GRC and want to make a meaningful impact, we’d love to hear from you! Apply now.