Senior GRC Risk Specialist

About the Role

We are seeking a seasoned Senior GRC Risk Specialist to join our team in the United Arab Emirates. In this role you will lead the design, implementation, and continuous improvement of our governance, risk and compliance (GRC) framework ensuring alignment with ISO 31000, COSO ERM, and local regulatory requirements. You will partner with business units to identify, assess and mitigate risks, maintain our risk register, develop key risk indicators (KRIs), and deliver comprehensive risk reporting to senior leadership.

• Develop, implement and maintain enterprise risk management frameworks in accordance with ISO 31000 and COSO ERM.
• Conduct risk assessments and operational risk reviews across business functions.
• Maintain and update the risk register, ensuring accuracy and completeness.
• Define, monitor and report on key risk indicators (KRIs) and thresholds.
• Prepare regular risk reporting packages for senior management and the board.
• Support regulatory compliance initiatives and ensure adherence to UAE Central Bank, ADGM, DFSA and other relevant regulations.
• Configure, administer and optimize GRC platforms to automate risk and compliance processes.
• Collaborate with internal stakeholders to embed risk culture and provide risk awareness training.
• Coordinate with internal and external auditors during risk and compliance audits.
• Continuously monitor emerging risks and recommend mitigation strategies.

• 5–8 years of hands‑on experience in governance, risk and compliance roles.
• Proven expertise in GRC methodologies, ISO 31000 and COSO ERM frameworks.
• Strong background in enterprise and operational risk management.
• Extensive experience conducting risk assessments and maintaining risk registers.
• Proficiency in defining and tracking key risk indicators (KRIs).
• Solid understanding of regulatory compliance requirements in the UAE.
• Experience with GRC platforms such as RSA Archer, Metric Stream, Service Now GRC.
• Excellent risk reporting and data visualization skills.
• Strong analytical, problem‑solving and decision‑making abilities.
• Exceptional stakeholder management and communication skills.

• Professional certifications such as CRISC, CISA, ISO 31000 Lead Implementer or CISSP.
• Experience with project management methodologies and certifications e.g., PMP.
• Previous exposure to ADGM, DFSA or UAE Central Bank regulatory frameworks.
• Advanced degree in Risk Management, Finance, Business Administration or related field.
• Familiarity with internal audit processes.
• Arabic language proficiency.
• Experience delivering risk and compliance training programs.