Enterprise Governance, Risk & Compliance Manager

Lucidya

In June 2024 we announced that we will be switching to a 4-day work week - the first company in Saudi Arabia to do so!

Only considering candidates eligible to work in Riyadh, Saudi Arabia ⚠️

The Enterprise GRC Manager leads the company’s integrated governance, risk, and compliance framework, ensuring all business units, systems, and processes operate with transparency, accountability, and regulatory alignment. (Strategic & Enterprise-wide – focused on GRC, legal coordination, and regulatory oversight)

Key Responsibilities

1. Enterprise Governance

  • Establish and maintain the Enterprise Governance Framework, aligning policies, processes, and decision-making with corporate objectives.
  • Lead policy governance across departments, ensuring version control, ownership, approval workflows, and policy lifecycle management.
  • Facilitate cross-functional governance committees (e.g., Risk Committee, Compliance Steering Group).
  • Define key governance indicators (KGIs) and performance metrics to track organizational maturity.

2. Enterprise Risk Management

  • Develop and implement a comprehensive risk management framework integrating strategic, operational, financial, and compliance risks.
  • Maintain and update the Enterprise Risk Register, coordinating risk identification and mitigation across functions.
  • Conduct risk assessments and workshops with business units to promote ownership and accountability.
  • Lead Business Continuity Planning (BCP) and Crisis Management exercises, ensuring readiness across the organization.

3. Compliance & Regulatory Oversight

  • Oversee company-wide compliance with national, regional, and international regulatory frameworks, including PDPL, NCA, ISO, labor regulations, financial reporting requirements, and corporate governance standards.
  • Integrate regulatory and contractual compliance obligations into operational workflows across all functions.
  • Supervise the Data Protection & Privacy Officer (DPO) to ensure privacy governance is aligned with broader compliance strategy and regulatory posture.
  • Coordinate internal audits, certifications, and compliance monitoring across departments; track findings, remediation, and continuous improvement.
  • Maintain a comprehensive Regulatory Obligations Register, mapping applicable laws, standards, and contractual requirements to responsible owners and controls.
  • Act as a strategic compliance advisor to department heads to ensure functional policies (Finance, HR, Operations, Product) remain current and compliant with governing standards.

4. Legal & Regulatory Coordination

  • Act as liaison between Compliance, Legal, and external counsel to ensure evolving regulatory requirements are properly interpreted and operationalized across the company.
  • Collaborate with Legal to review client contracts, MSAs, and DPAs for compliance implications, data protection clauses, and audit provisions.
  • Coordinate company-wide responses to client audits, regulatory inquiries, or due diligence requests, ensuring consistent, accurate, and timely delivery.
  • Monitor broader government and regulatory developments affecting SaaS operations, AI applications, data protection, and cross-border hosting; advise leadership on implications and recommended actions.

5. Ethics, Integrity & Internal Controls

  • Develop and oversee the Code of Conduct, whistleblowing mechanisms, and ethics awareness initiatives.
  • Partner with Finance and HR to implement internal control frameworks covering fraud prevention, conflicts of interest, and procurement integrity.
  • Support due diligence for partnerships, vendors, and acquisitions from a governance and ethics standpoint.

6. Organizational Alignment & Culture

  • Drive a risk-aware and compliance-first culture across all departments.
  • Partner with HR to roll out governance and compliance training organization-wide.
  • Ensure ownership of risk and compliance responsibilities within each department.
  • Act as a governance advisor to senior management, enabling transparent and informed decision-making.

7. Continuous Improvement & Reporting

  • Monitor emerging regulations and enterprise risk trends relevant to SaaS, AI, and regional compliance.
  • Lead continuous improvement in governance, audit readiness, and control design.
  • Provide periodic reports to executive management and the board on governance maturity, risk posture, and compliance performance.

Qualifications & Skills:

Required:

  • Bachelor’s degree in Business, Law or related field.
  • 4-6 years of experience in Governance, Risk, and Compliance (GRC).
  • Experience in auditing and handling incidents within a corporate environment.
  • Experience building governance frameworks, policies, and risk management processes.
  • Strong knowledge of PDPL, ISO standards (27001/9001).
  • Strong stakeholder management and cross-functional leadership skills.
  • Experience in creating and delivering compliance training programs.
  • Familiarity with global regulatory frameworks and business continuity planning.
  • Curiosity, investigative mindset, and strong communication skills.

Preferred:

  • Experience in IPOs or public companies.
  • Familiarity with Environmental, Social, and Governance (ESG) principles.
  • Arabic language proficiency.
  • Experience in the technology sector, particularly SaaS or B2B environments.

Lucidya (lucidya.com)

AI-powered platform for analyzing customer data and enhancing experiences.

Working Week

  • Mon
  • Tue
  • Wed
  • Thu
  • 🏖️ Fri

Our Vacation Policy

We offer 30 vacation days per year, including public holidays, with flexible time off policies.

  • 30 days
  • 52 Fridays
  • 82 days off per year

Remote Working Policy

We mostly work on-site but offer some hybrid working for certain positions.

Company Benefits

  • Health insurance
  • 401(k) company contribution
  • Equity / options
  • Professional Development Budget

Desirable Skills and Experience

  • Enterprise GRC
  • Risk management
  • Policy governance
  • Stakeholder mgmt
  • Auditing
  • Incident handling
  • Business continuity
  • Crisis management
  • Data protection
  • Privacy governance
  • Regulatory oversight
  • Contract review
  • Internal controls
  • Compliance training
  • ISO standards
  • PDPL knowledge
  • SaaS familiarity
  • Arabic proficiency
  • Communication skills
  • Investigative mindset
