Job Description – GRC Consultant (8–10 Years’ Experience)
Position Title: Governance, Risk & Compliance (GRC) Consultant
Location: Abu Dhabi, UAE
Experience: 8–10 years in Risk Management, Regulatory Compliance, and Governance Advisory
Salary: Best in the Industry
Role Overview
We are seeking an experienced GRC Consultant to support the design and implementation of an integrated Enterprise Risk Management (ERM) and Regulatory Compliance Framework for a leading government entity in Abu Dhabi. The role requires deep expertise in governance, risk management frameworks (ISO 31000, COSO ERM), compliance management frameworks (ISO 37301), regulatory alignment, policy design, and the practical implementation of an enterprise-wide risk framework in the financial sector.
Key Responsibilities
Enterprise Risk Management (ERM):
- Conduct comprehensive risk assessments across strategic, financial, operational, technological, and reputational areas.
- Review, enhance, and update the Risk Register and Key Risk Indicators (KRIs).
- Define and integrate Risk Appetite and Risk Tolerance into the governance structure.
- Identify, assess, and propose treatment plans for fraud risk scenarios.
- Design and implement a unified ERM framework, policies, procedures, and authority matrix aligned with ISO 31000.
- Develop monitoring tools, reporting models, and sustainability plans for ERM.
Regulatory Compliance:
- Identify, classify, and document regulatory obligations; develop a Register of Laws & Regulations.
- Conduct compliance gap analysis against ISO 37301 and international best practices.
- Design and implement a comprehensive Compliance Management Framework, including policy, Code of Conduct, and supporting procedures.
- Establish monitoring and reporting tools, including a Non-Compliance Risk Register, KRIs, and reporting templates.
- Develop whistleblowing and escalation mechanisms.
Integrated Governance & Operational Model:
- Define and implement the “Three Lines of Defense” model, clarifying roles and responsibilities across audit, risk, and compliance.
- Establish reporting and escalation channels to senior leadership, Audit & Risk Committees, and the Board.
- Recommend mechanisms to manage overlaps/conflicts across risk, compliance, and audit functions.
Capacity Building & Change Management:
- Deliver training programs, workshops, and awareness sessions to embed a risk-aware and compliance-oriented culture.
- Develop training manuals, reporting templates, and sustainability frameworks for long-term adoption.
Qualifications & Experience
- Bachelor’s or Master’s degree in Management, Finance, Law, Business Administration, or related field.
- 8–10 years of consulting experience in Enterprise Risk Management and Regulatory Compliance, preferably in financial services, development funds, or government entities.
- Strong knowledge of ISO 31000, ISO 37301, COSO ERM, and Compliance Frameworks.
- Proven experience in policy and framework design, risk registers, compliance monitoring, and reporting structures.
- Exposure to fraud risk assessment and governance operating models.
- Experience in the UAE or wider GCC regulatory environment preferred.
- Professional certifications such as CIA, CRMA, CCEP, ISO 31000 Lead Manager, ISO 37301 Lead Implementer, CAMS, CFA, or equivalent are an advantage.
Job Type: Full-time
Pay: AED20,000.00 - AED35,000.00 per month