Job Description
Who are we?
Future Systems for Information Technology (FSIT) is specialized in Talent Acquisition and employs numerous professionals and is the premier consulting talent outsourcer in Saudi Arabia offering one of the fastest career path advancements in the Middle East.

About the job
We are hiring for one of our major reputable management consulting clients for the below requirements in Riyadh.
Employment Type: 3-6 month contract, outsourced
Work Location: Riyadh, Kingdom of Saudi Arabia

Role
Governance senior consultant is a strategic leadership role responsible for developing, implementing, and overseeing the organization's IT governance, risk management, and compliance program. This individual will ensure that IT practices align with business objectives and comply with Saudi Arabian regulations, including the NCA ECC, DGA PDPL, and NDMO frameworks. The role acts as the primary liaison with regulators and auditors and is responsible for reporting the IT risk posture to executive management.

Key responsibilities
· Strategy & Framework: Develop, implement, and maintain the enterprise IT GRC framework, strategy, and roadmap.
· Policy Management: Author, review, and gain approval for key IT policies, standards, and procedures (Information Security, Data Privacy, Risk Management, etc.).
· Regulatory Expertise: Serve as the in-house subject matter expert on NCA, DGA (PDPL), and NDMO requirements, translating regulatory mandates into actionable IT controls and processes.
· Stakeholder Management: Act as the primary point of contact for all regulatory bodies, internal audit, and external auditors. Manage all compliance assessments and inquiries.
· Management Reporting: Prepare and present comprehensive reports on the status of compliance, top IT risks, and the health of the GRC program to the CISO, CIO, and Board committees.
· Program Leadership: Lead the GRC team, manage the budget, and prioritize GRC initiatives based on a risk-based methodology.
· Integration: Champion a culture of compliance and risk awareness by integrating GRC principles into IT project lifecycles and daily operations.

Qualifications & Experience
· Education: Bachelor's degree in Information Security, Computer Science, IT, or a related field. Master's degree preferred.
· Experience: Minimum of 10+ years of experience in IT, with at least 5-7 years in a dedicated IT GRC, IT Audit, or similar leadership role.
· Regulatory Knowledge: Proven experience interpreting and implementing requirements from the NCA ECC, Saudi PDPL (DGA), and NDMO. Experience with other frameworks (ISO 27001, NIST, COBIT) is essential.
· Skills: Exceptional communication, presentation, and stakeholder management skills. Strong analytical and problem-solving abilities. Proficient in GRC software tools.
· Certifications:
  · Certified Information Systems Security Professional (CISSP)
  · Certified Information Security Manager (CISM)
  · Certified in Risk and Information Systems Control (CRISC)