Job Summary
The Head of Legal, Governance, Risk & Compliance (GRC) leads and oversees the organization's legal, governance, risk management, and compliance functions. This executive role ensures the organization operates in full compliance with applicable laws and regulations, effectively manages operational, financial, and strategic risks, and maintains robust governance frameworks. The position provides strategic guidance to the CEO and Board of Directors while fostering a culture of accountability, transparency, and ethical business practices.
Key Responsibilities
Governance & Legal Oversight
- Develop, implement, and continuously enhance governance frameworks, including policies, charters, bylaws, codes of conduct, and internal regulations.
- Lead legal functions and provide advice on corporate, commercial, employment, and regulatory matters.
- Coordinate Board and committee meetings, prepare agendas, briefings, and minutes, and ensure timely follow-up on resolutions.
- Ensure alignment with national regulations, international governance standards, and industry best practices (e.g., ISO 37301, ISO 37000, COSO).
- Act as the primary liaison with regulators, auditors, and external legal counsel.
- Develop, implement, and oversee enterprise risk management frameworks.
- Identify, assess, and monitor strategic, operational, financial, and compliance risks.
- Maintain and update the enterprise risk register and ensure mitigation actions are tracked to closure.
- Support business continuity, disaster recovery, and crisis management planning.
Compliance & Regulatory Management
- Ensure compliance with local, regional, and international laws and regulations, including licensing, financial, legal, and data protection requirements.
- Manage compliance audits, readiness assessments, and regulatory reporting obligations.
- Track non-conformities and corrective actions and manage responses to regulatory inquiries.
- Conduct internal investigations and provide guidance on ethics, integrity, and compliance matters.
- Promote privacy-by-design and data protection practices across all business units.
- Design and deliver training programs on governance, compliance, risk management, ethics, and corporate policies.
- Foster a culture of risk awareness, integrity, and ethical conduct throughout the organization.
- Provide regular reports and strategic recommendations to the CEO, executive management, and Board of Directors on legal, risk, compliance, and governance matters.
- Advise leadership on risk exposure, compliance obligations, and governance improvements.
Qualifications & Skills
- Bachelor's or Master's degree in Law, Governance, Risk Management, Business Administration, Finance, or related fields.
- 10-15 years of experience in governance, legal advisory, compliance, risk management, or internal audit.
- Proven experience in regulated environments, listed companies, or multinational organizations.
- Strong leadership, strategic thinking, and decision-making abilities.
- Excellent communication, negotiation, analytical, and stakeholder management skills.
- Experience implementing enterprise-wide GRC frameworks and systems.
Preferred Skills & Experience
- Exposure to digital risk management and enterprise risk frameworks.
- Strong knowledge of corporate governance, legal frameworks, and compliance standards relevant to regulated sectors (e.g., IT, Telecom, or Financial Services).
- Proven track record in driving cultural change toward accountability, transparency, and ethical business practices.
Reporting Line
Reports directly to the CEO and works closely with the Board of Directors.