Job Description
Job Title: GRC (Governance, Risk & Compliance) Specialist
Job Purpose: The GRC Specialist is responsible for developing, implementing, and maintaining governance, risk, and compliance frameworks. The role ensures that the organization adheres to all applicable regulations, internal policies, and industry best practices. The position supports risk mitigation, improves operational resilience, and fosters a culture of compliance.
Key Responsibilities:
Develop, maintain, and update policies, procedures, and standards to ensure compliance with regulatory requirements and industry standards.
Collaborate with internal teams to ensure effective implementation and adherence to policies across the organization.
Evaluate and monitor the organization’s GRC programs to identify areas for improvement and recommend risk mitigation strategies.
Conduct regular internal audits, assessments, and compliance checks to drive continuous improvement.
Track, interpret, and communicate changes in laws, regulations, and industry standards affecting the organization.
Prepare and submit compliance reports, dashboards, and updates for senior management and stakeholders.
Design and deliver training programs and awareness campaigns on GRC-related topics, including data privacy, information security, and cybersecurity.
Serve as a subject matter expert (SME) for GRC-related issues, providing guidance and responding to employee inquiries.
Conduct comprehensive risk assessments across various business functions to identify, assess, and document compliance risks.
Collaborate with cross-functional teams to develop action plans to mitigate risks and ensure compliance.
Maintain comprehensive and organized documentation related to compliance activities, audits, and training records.
Ensure accurate, timely, and accessible records are kept for audits and compliance verification purposes.
Skills & Competencies:
Strong understanding of governance, risk management, and compliance frameworks.
Knowledge of relevant regulatory standards (e.g., ISO 27001, GDPR, HIPAA, SOX).
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills for training and collaboration.
High attention to detail with strong organizational and documentation skills.
Ability to manage multiple priorities and deadlines.
Qualifications:
Bachelor’s degree in Business, Law, Information Security, Risk Management, or a related field.
Professional certifications preferred (e.g., CISA, CRISC, CISM, CGEIT, or equivalent).
Experience:
3–7 years of experience in governance, risk, compliance, audit, or a related role.
Experience with GRC tools and risk management frameworks is highly desirable.
Why Join Us:
Be part of a forward-looking organization that prioritizes compliance, security, and operational excellence.
Work in a collaborative environment with exposure to multiple facets of the business.
Opportunities for continuous learning, growth, and professional development.