Overview

GRC Consultant (saudi only) Jobs in Riyadh, Riyadh, Saudi Arabia at HCLTech

Title: GRC Consultant (saudi only)

Company: HCLTech

Location: Riyadh, Riyadh, Saudi Arabia

SAUDI ONLY

Job Description: The GRC Consultant supports the delivery of Governance, Risk, and Compliance (GRC) services, assisting senior team members in executing client projects.

Responsibilities:

· Assist in gathering and analyzing data for GRC assessments.

· Support the preparation of assessment reports, governance documentation, and client presentations.

· Lead the preparation and execution of external audits for ISO 27001 and SOC 2 (Type 1 & 2) certifications.

· Manage compliance with local Saudi regulations, specifically NCA ECC and SAMA cybersecurity frameworks, also perform assessments for different frameworks (e.g., ISO 27001, NDI Controls, NCA-Frameworks- ECC, CSCC, DCC, TCC & OSMACC, and other best practices.

· Collaborate with senior consultants on the development and implementation of policies, procedures, frameworks, etc.

· Develop and implement policies, procedures, and controls that ensure compliance with laws, regulations, and industry standards.

· Participate in client workshops and project meetings.

· Liaise with cross-functional teams (GRC, IT, legal, audit, operations) to support secure and compliant business operations.

· Assist in the selection and implementation of GRC software solutions to automate processes and improve reporting capabilities.

· Stay informed about industry trends, regulatory changes, and emerging risks to provide proactive advice to clients.

· Evaluate third-party vendors for compliance with security standards and risk management requirements.

· Provide input into enterprise risk management processes from a cybersecurity perspective.

· Track and report key GRC metrics and issues to stakeholders and executive leadership.

Minimum Requirements: Bachelor's degree in Cybersecurity, Information Technology, or related fields.

· Basic understanding of cybersecurity concepts, Internal Audit, Risk management, and compliance standards along with 5-6 years of relevant experience

· Certifications such as CISM /CISSP, CompTIA Security+, ISO 27001 Lead Implementor, SSCP & ITIL or equivalent are a plus.

· Experience with GRC platforms & ITSM knowledge is plus

Competencies:

· Strong analytical and problem-solving skills.

· Effective communication skills (verbal and written).

· Attention to detail in documentation and reporting.

· Team-oriented mindset with a proactive attitude.

Upload your CV/resume or any other relevant file. Max. file size: 800 MB.