Senior Technology GRC Specialist (UAEN)
ENEC Operations · Abu Dhabi Emirate, United Arab Emirates
Apply & track with Apply EdgeOverseeing and managing the governance, risk, and compliance aspects of the organization’s technology landscape. This role involves developing and implementing GRC frameworks, conducting risk assessments, ensuring compliance with regulatory requirements, and promoting a culture of risk awareness. Work closely with various departments to identify and mitigate risks, enhance security measures, and ensure the integrity of the organization’s technology systemsGRC Framework DevelopmentResponsibilities and Accountabilities:• Develop and implement comprehensive GRC frameworks and policies.• Ensure alignment of GRC frameworks with organizational goals and objectives.• Regularly review and update GRC policies to reflect changes in regulations and industry standards.• Develop and maintain documentation for GRC processes and procedures.Risk Assessment and ManagementResponsibilities and Accountabilities:• Conduct regular risk assessments to identify potential threats to the organization’s technology systems.• Develop risk mitigation strategies and action plans.• Monitor and report on the effectiveness of risk management initiatives.• Collaborate with stakeholders to address identified risks and vulnerabilities.• Maintain a risk register and ensure timely updates.Compliance ManagementResponsibilities and Accountabilities:• Ensure compliance with regulatory requirements and industry standards.• Conduct regular audits and assessments to verify compliance.• Develop and implement compliance monitoring and reporting mechanisms.• Provide guidance and support to departments on compliance-related matters.• Stay updated on regulatory changes and ensure organizational compliance.Security and Incident ManagementResponsibilities and Accountabilities:• Develop and implement security policies and procedures.• Monitor and respond to security incidents and breaches.• Conduct root cause analysis and implement corrective actions.• Collaborate with IT and security teams to enhance security measures.• Conduct regular security awareness training for staff. GRC Training and AwarenessResponsibilities and Accountabilities:• Develop and deliver training programs on GRC best practices.• Promote a culture of risk awareness and compliance across the organization.• Provide ongoing support and guidance to staff on GRC-related matters.• Develop training materials and resources for continuous learning.• Conduct regular workshops and awareness sessions.GRC Reporting and MonitoringResponsibilities and Accountabilities:• Monitor and report on the effectiveness of GRC initiatives.• Develop and maintain GRC dashboards and metrics for continuous monitoring.• Provide regular reports and insights to senior management.• Identify areas for improvement and implement corrective actions.• Ensure timely and accurate reporting of GRC activities.Vendor and Third-Party Risk ManagementResponsibilities and Accountabilities:• Assess and manage risks associated with vendors and third-party service providers.• Develop and implement vendor risk management policies and procedures.• Conduct regular assessments of vendor compliance and performance.• Collaborate with procurement and legal teams to address vendor-related risks.• Maintain a vendor risk register and ensure timely updatesPolicy Development and EnforcementResponsibilities and Accountabilities:• Develop and enforce technology-related policies and procedures.• Ensure policies are communicated effectively across the organization.• Monitor compliance with policies and take corrective actions as needed.• Conduct regular reviews and updates of policies to reflect changes in technology and regulations.• Provide guidance and support to departments on policy-related matters.Education and Experience - • Bachelor’s degree in computer sciences, Information Systems, Information Technology, or a field closely related to these subjects is required.• 5 years of relevant experience• Having a master’s degree in computer sciences, Information Systems, Information Technology, or a field closely related to these subjects is required. This gives the job holder an in-depth understanding of quality and testing.• Experience in converting business requirements and functional requirements to use cases, epics, and user stories with acceptance criteria• Demonstrated ability to engage both developers and business partners to achieve target outcomes• Broad IT domain experience in one or more of the following areas: quality management, quality assurance, SOPs.• Familiarity with company structure and operations outside of IT