About the Role
Conduct regular enterprise-wide security risk assessments, covering identification, scoring, impact analysis, and development of risk treatment plans. Develop, maintain, and continuously improve the organization’s GRC framework, including policies, procedures, standards, and governance processes.
Responsibilities
- Maintain the enterprise risk register and track mitigation actions to closure with accurate and timely updates.
- Perform vendor and third-party risk assessments to ensure compliance with information security, data protection, and contractual requirements.
- Manage compliance audits and readiness assessments for frameworks and regulations such as ISO/IEC 27001, NIST CSF, UAE IA, UAE PDPL, and sector-specific mandates.
- Maintain compliance registers, legal obligation inventories, audit logs, and track non-conformities and corrective actions.
- Collaborate with business, IT, and privacy stakeholders to support data protection activities, including privacy-by-design and data-processing evaluations where applicable.
- Ensure that technical and organizational controls remain aligned with UAE PDPL, privacy-by-design principles, and recognized international security standards.
- Support business continuity, disaster recovery planning, documentation, and testing activities where required.
- Provide guidance and awareness to business units on security policies, risk requirements, and compliance obligations.
- Provide recommendations to improve security risk posture, strengthen compliance practices, and enhance overall governance maturity.
Qualifications
- Bachelor’s Degree in Computer Science, Information Security, or a related field.
Preferred Certifications:
- ISO/IEC 27001 Lead Implementer / Lead Auditor
- ISO/IEC 20000 Lead Implementer / Lead Auditor
- CRISC - Certified in Risk and Information Systems Control
- CISM - Certified Information Security Manager
- CISA - Certified Information Systems Auditor
Relevant Experience:
- Minimum 5 years of related work experience in similar industries.