The Enterprise GRC Manager leads the company’s integrated governance, risk, and compliance framework, ensuring all business units, systems, and processes operate with transparency, accountability, and regulatory alignment.
(Strategic & Enterprise-wide – focused on GRC, legal coordination, and regulatory oversight)
Enterprise Governance
- Establish and maintain the Enterprise Governance Framework, aligning policies, processes, and decision‑making with corporate objectives.
- Lead policy governance across departments, ensuring version control, ownership, approval workflows, and policy lifecycle management.
- Facilitate cross‑functional governance committees (e.g., Risk Committee, Compliance Steering Group).
- Define key governance indicators (KGIs) and performance metrics to track organizational maturity.
Enterprise Risk Management
- Develop and implement a comprehensive risk management framework integrating strategic, operational, financial, and compliance risks.
- Maintain and update the Enterprise Risk Register, coordinating risk identification and mitigation across functions.
- Conduct risk assessments and workshops with business units to promote ownership and accountability.
- Lead Business Continuity Planning (BCP) and Crisis Management exercises, ensuring readiness across the organization.
Compliance & Regulatory Oversight
- Oversee company‑wide compliance with national, regional, and international regulatory frameworks, including PDPL, NCA, ISO, labor regulations, financial reporting requirements, and corporate governance standards.
- Integrate regulatory and contractual compliance obligations into operational workflows across all functions.
- Supervise the Data Protection & Privacy Officer (DPO) to ensure privacy governance is aligned with the broader compliance strategy and regulatory posture.
- Coordinate internal audits, certifications, and compliance monitoring across departments; track findings, remediation, and continuous improvement.
- Maintain a comprehensive Regulatory Obligations Register, mapping applicable laws, standards, and contractual requirements to responsible owners and controls.
- Act as a strategic compliance advisor to department heads to ensure functional policies (Finance, HR, Operations, Product) remain current and compliant with governing standards.
Legal & Regulatory Coordination
- Act as liaison between Compliance, Legal, and external counsel to ensure evolving regulatory requirements are properly interpreted and operationalized across the company.
- Collaborate with Legal to review client contracts, MSAs, and DPAs for compliance implications, data protection clauses, and audit provisions.
- Coordinate company‑wide responses to client audits, regulatory inquiries, or due diligence requests, ensuring consistent, accurate, and timely delivery.
- Monitor broader government and regulatory developments affecting SaaS operations, AI applications, data protection, and cross‑border hosting; advise leadership on implications and recommended actions.
Ethics, Integrity & Internal Controls
- Develop and oversee the Code of Conduct, whistleblowing mechanisms, and ethics awareness initiatives.
- Partner with Finance and HR to implement internal control frameworks covering fraud prevention, conflicts of interest, and procurement integrity.
- Support due diligence for partnerships, vendors, and acquisitions from a governance and ethics standpoint.
Organizational Alignment & Culture
- Drive a risk‑aware and compliance‑first culture across all departments.
- Partner with HR to roll out governance and compliance training organization‑wide.
- Ensure ownership of risk and compliance responsibilities within each department.
- Act as a governance advisor to senior management, enabling transparent and informed decision‑making.
Continuous Improvement & Reporting
- Monitor emerging regulations and enterprise risk trends relevant to SaaS, AI, and regional compliance.
- Lead continuous improvement in governance, audit readiness, and control design.
- Provide periodic reports to executive management and the board on governance maturity, risk posture, and compliance performance.