GRC Consultant

Our Culture: At ZainTECH we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer‑centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the ZainTECH family.

• Governance: Develop and implement governance frameworks and policies to ensure effective decision‑making processes; advise on best practices in cybersecurity governance, including board practices, ethics, and transparency.
• Risk: Conduct comprehensive risk assessments to identify potential threats and vulnerabilities; develop risk mitigation strategies and internal controls to manage and reduce risks.
• Compliance: Conduct compliance audits and assessments to evaluate organizational adherence to regulatory requirements.
• Consulting Services: Provide expert advice to clients on developing and improving their GRC frameworks and processes; assist clients in implementing GRC tools and technologies; prepare and present reports on the status of governance, risk, and compliance efforts to senior management and boards of directors.
• Stakeholder Engagement: Collaborate with various stakeholders, including executives, managers, and external regulators, to ensure alignment with GRC initiatives.
• Continuous Improvement: Identify opportunities for continuous improvement in GRC practices; stay updated on emerging cybersecurity threats, regulatory changes, and industry trends to keep the organization ahead of potential challenges.

• Proven experience in risk management, compliance, audit, or governance roles.
• Demonstrated experience in conducting risk assessments and compliance audits.
• Bachelor’s or Master’s degree in Business, Cybersecurity, Information Technology, Business, Law, or a related field.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Compliance and Ethics Professional (CCEP) are highly desirable.