Governance, Risk, and Compliance Director

Develop and maintain corporate governance policies and frameworks.
- Ensure effective communication and enforcement of governance principles across the organization.
- Work closely with senior management and the board of directors to provide regular updates on governance issues.
- Oversee the creation, management, and execution of risk and controls assessments, including but not limited to vendor risk assessments, and system authorization-to-operate (ATO) assessments.
- Conduct comprehensive risk assessments of administrative and technical security controls to report and consult mitigations of the cybersecurity risk in accordance with Giza Systems risk management framework.
- Develop and implement IT and cybersecurity policy including writing and managing updates to policies, procedures, and standards documentation.
- Perform management and execution of system assessments, risk assessments, or vulnerability assessments, including, resolution of discovered issues and development of POAM documentation “Plan of Action and Milestones”
- Develop specific cybersecurity plans to mitigate risks according to the risk level.
- Identify, assess, and prioritize organizational risks.
- Develop and implement risk management strategies and processes.
- Monitor and report on risk exposure and mitigation activities.
- Ensure the organization complies with all applicable laws, regulations, and internal policies.
- Establish a mechanism for receiving, tracking, recording, investigating, and responding to all issues about cybersecurity policies and practices
- Develop, implement, and manage compliance programs and initiatives.
- Conduct regular compliance audits and assessments.
- Investigate and resolve compliance issues, gaps and incidents.
- Lead and mentor a team of GRC professionals.
- Foster a culture of ethical behavior, accountability, and continuous improvement.
- Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
- Maintain updated on the way cyber standards, practices, and procedures are used while developing and managing services.
- Review, conduct, or perform audits and reviews of cyber programs and projects.
- Prepare and present regular reports to senior management and the board of directors.
- Maintain accurate and comprehensive documentation of GRC activities.
- Stay current with industry trends and best practices in GRC.
- Facilitate risk management training and awareness programs.
- Collaborate with various departments to integrate GRC practices into business operations.

**Personal Skills**:

- Strong analytical and problem-solving skills, with the ability to identify and assess risks and develop effective risk mitigation strategies.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with internal and external stakeholders.
- Strong leadership skills, with the ability to manage and motivate a team of professionals.
- Ability to work independently in a fast-paced environment and handle multiple complex & confidential tasks.

**Technical Skills**:

- Strong knowledge of laws, regulations, and standards related to governance, risk management, and compliance, including data privacy, information security, financial regulations, and others.
- Experience developing and implementing governance, risk management, and compliance programs and policies.
- Excellent project management and process improvement skills.

**Job Details**:
Job Location

Cairo, Egypt

Company Industry

Integration

Company Type

Employer (Private Sector)

Job Role

Management

Joining Date

2025-03-01

Employment Status

Full time

Employment Type

Employee

Manages Others

Yes

Job Division

CSSO

Career Level

Management

Degree

Bachelor's degree