Overview
GRC Consultant (saudi only) Jobs in Riyadh, Riyadh, Saudi Arabia at HCLTech
Title: GRC Consultant (saudi only)
Company: HCLTech
Location: Riyadh, Riyadh, Saudi Arabia
SAUDI ONLY
Job Description: The GRC Consultant supports the delivery of Governance, Risk, and Compliance (GRC) services, assisting senior team members in executing client projects.
Responsibilities:
· Assist in gathering and analyzing data for GRC assessments.
· Support the preparation of assessment reports, governance documentation, and client presentations.
· Lead the preparation and execution of external audits for ISO 27001 and SOC 2 (Type 1 & 2) certifications.
· Manage compliance with local Saudi regulations, specifically NCA ECC and SAMA cybersecurity frameworks, also perform assessments for different frameworks (e.g., ISO 27001, NDI Controls, NCA-Frameworks- ECC, CSCC, DCC, TCC & OSMACC, and other best practices.
· Collaborate with senior consultants on the development and implementation of policies, procedures, frameworks, etc.
· Develop and implement policies, procedures, and controls that ensure compliance with laws, regulations, and industry standards.
· Participate in client workshops and project meetings.
· Liaise with cross-functional teams (GRC, IT, legal, audit, operations) to support secure and compliant business operations.
· Assist in the selection and implementation of GRC software solutions to automate processes and improve reporting capabilities.
· Stay informed about industry trends, regulatory changes, and emerging risks to provide proactive advice to clients.
· Evaluate third-party vendors for compliance with security standards and risk management requirements.
· Provide input into enterprise risk management processes from a cybersecurity perspective.
· Track and report key GRC metrics and issues to stakeholders and executive leadership.
Minimum Requirements: Bachelor's degree in Cybersecurity, Information Technology, or related fields.
· Basic understanding of cybersecurity concepts, Internal Audit, Risk management, and compliance standards along with 5-6 years of relevant experience
· Certifications such as CISM /CISSP, CompTIA Security+, ISO 27001 Lead Implementor, SSCP & ITIL or equivalent are a plus.
· Experience with GRC platforms & ITSM knowledge is plus
Competencies:
· Strong analytical and problem-solving skills.
· Effective communication skills (verbal and written).
· Attention to detail in documentation and reporting.
· Team-oriented mindset with a proactive attitude.