Job Description
Roles & Responsibilities
About the Role:
We are seeking a seasoned GRC Controls Assurance Lead to oversee and enhance our governance, risk, and compliance control environment in the United Arab Emirates. The successful candidate will lead control self-assessments, testing, and data analytics initiatives, leveraging GRC platforms and recognized frameworks (COSO, ISO 31000) to drive process improvements and ensure robust internal controls across the organization.
Responsibilities:
- Lead the design, planning, and execution of control self-assessments and control testing programs
- Manage and configure GRC platforms to support risk and control monitoring activities
- Perform data analytics to identify control gaps, trends, and opportunities for remediation
- Develop and maintain governance frameworks aligned with COSO and ISO 31000 standards
- Collaborate with business stakeholders to communicate control requirements and remediation plans
- Drive process improvement initiatives to enhance efficiency and effectiveness of controls
- Compile and present control assurance reports to senior management and risk committees
- Supervise and mentor junior control assurance and GRC team members
- Coordinate with internal audit, external auditors, and regulatory bodies on control assurance activities
Required Qualifications:
- 7–10 years of experience in internal controls, GRC, or internal audit functions
- Proven expertise in control self-assessment and control testing methodologies
- Hands-on experience with leading GRC platforms (e.g., RSA Archer, ServiceNow GRC)
- Strong data analytics skills using tools such as ACL, SQL, or Power BI
- In-depth knowledge of COSO and ISO 31000 risk management frameworks
- Demonstrated process improvement capabilities in a controls environment
- Excellent stakeholder management and communication skills
- Bachelor’s degree in Finance, Accounting, Risk Management, or related field
Preferred Qualifications:
- Professional certification such as CISA, CIA, CRISC, or equivalent
- Experience implementing GRC solutions in the Middle East region
- Advanced degree in Risk Management, Business Administration, or related discipline
- Prior exposure to ERP risk and control environments (SAP, Oracle, etc.)
- GRC platform administrator or configuration certifications