Job Description

Roles & Responsibilities

• Governance & Policy Management

  • Develop and maintain IT and digital governance frameworks

  • Establish policies, standards, and procedures for digital initiatives

  • Ensure governance alignment across cloud, AI, automation, and data projects

  • Support enterprise-wide digital risk governance programs

  Risk Management

  • Conduct IT and cybersecurity risk assessments

  • Identify risks associated with cloud migration, digital platforms, AI, and third-party vendors

  • Maintain risk registers and track remediation actions

  • Evaluate control effectiveness and recommend improvements

  Compliance & Regulatory

  • Ensure compliance with regulations and standards such as:

  • ISO 27001

  • NIST

  • GDPR

  • PCI DSS

  • Support internal and external audits

  • Monitor regulatory updates and ensure organizational compliance

  Digital Transformation Support

  • Participate in digital transformation and technology modernization projects

  • Review security and compliance requirements during solution design

  • Collaborate with project teams to ensure risk mitigation strategies are implemented

  • Support cloud governance and digital control implementation

  Security & Controls

  • Review access management controls and segregation of duties

  • Support cybersecurity governance activities

  • Assess third-party and vendor risks

  • Ensure business continuity and disaster recovery controls are maintained

  Reporting & Stakeholder Management

  • Prepare governance and compliance reports for management

  • Present risk findings and recommendations to stakeholders

  • Coordinate with internal audit, legal, compliance, and IT teams

Desired Candidate Profile

• Bachelor’s degree in:

• Information Technology

• Cybersecurity

• Computer Science

• Business Administration

• Risk Management

Preferred Certifications

• CISA

• CRISC

• CISSP

• ISO 27001 Lead Implementer/Auditor

• COBIT Foundation

Required Skills

Technical Skills

• IT governance and risk management

• Cybersecurity fundamentals

• Cloud governance awareness

• Compliance and audit management

• Data privacy and information security

Soft Skills

• Analytical thinking

• Problem-solving

• Communication and presentation

• Stakeholder management

• Documentation and reporting

Experience

• 3–7 years of experience in:

• GRC

• IT risk

• Cybersecurity governance

• Compliance

• Digital transformation projects

Preferred experience in industries such as:

• Banking

• Government

• Telecom

• Healthcare

• Technology

Tools & Platforms

Experience with:

• ServiceNow GRC

• Archer

• MetricStream

• SAP GRC

• Microsoft security and cloud environments

Key Performance Indicators (KPIs)

• Compliance audit success rate

• Risk remediation closure timelines

• Policy compliance adherence

• Reduction in technology and security risks

• Governance maturity improvement