Enterprise Governance, Risk & Compliance (GRC) Manager Lucidya

1. Enterprise Governance

• Establish and maintain the Enterprise Governance Framework, aligning policies, processes, and decision-making with corporate objectives.
• Lead policy governance across departments, ensuring version control, ownership, approval workflows, and policy lifecycle management.
• Facilitate cross-functional governance committees (e.g., Risk Committee, Compliance Steering Group).
• Define key governance indicators (KGIs) and performance metrics to track organizational maturity.

2. Enterprise Risk Management

• Develop and implement a comprehensive risk management framework integrating strategic, operational, financial, and compliance risks.
• Maintain and update the Enterprise Risk Register, coordinating risk identification and mitigation across functions.
• Conduct risk assessments and workshops with business units to promote ownership and accountability.
• Lead Business Continuity Planning (BCP) and Crisis Management exercises, ensuring readiness across the organization.

3. Compliance & Regulatory Oversight

• Oversee company-wide compliance with national, regional, and international regulatory frameworks, including PDPL, NCA, ISO, labor regulations, financial reporting requirements, and corporate governance standards.
• Integrate regulatory and contractual compliance obligations into operational workflows across all functions.
• Supervise the Data Protection & Privacy Officer (DPO) to ensure privacy governance is aligned with broader compliance strategy and regulatory posture.
• Coordinate internal audits, certifications, and compliance monitoring across departments; track findings, remediation, and continuous improvement.
• Maintain a comprehensive Regulatory Obligations Register, mapping applicable laws, standards, and contractual requirements to responsible owners and controls.
• Act as a strategic compliance advisor to department heads to ensure functional policies (Finance, HR, Operations, Product) remain current and compliant with governing standards.

4. Legal & Regulatory Coordination

• Act as liaison between Compliance, Legal, and external counsel to ensure evolving regulatory requirements are properly interpreted and operationalized across the company.
• Collaborate with Legal to review client contracts, MSAs, and DPAs for compliance implications, data protection clauses, and audit provisions.
• Coordinate company-wide responses to client audits, regulatory inquiries, or due diligence requests, ensuring consistent, accurate, and timely delivery.
• Monitor broader government and regulatory developments affecting SaaS operations, AI applications, data protection, and cross-border hosting; advise leadership on implications and recommended actions.

5. Ethics, Integrity & Internal Controls

• Develop and oversee the Code of Conduct, whistleblowing mechanisms, and ethics awareness initiatives.
• Partner with Finance and HR to implement internal control frameworks covering fraud prevention, conflicts of interest, and procurement integrity.
• Support due diligence for partnerships, vendors, and acquisitions from a governance and ethics standpoint.

6. Organizational Alignment & Culture

• Drive a risk-aware and compliance-first culture across all departments.
• Partner with HR to roll out governance and compliance training organization-wide.
• Ensure ownership of risk and compliance responsibilities within each department.
• Act as a governance advisor to senior management, enabling transparent and informed decision-making.

7. Continuous Improvement & Reporting

• Monitor emerging regulations and enterprise risk trends relevant to SaaS, AI, and regional compliance.
• Lead continuous improvement in governance, audit readiness, and control design.
• Provide periodic reports to executive management and the board on governance maturity, risk posture, and compliance performance.br>