Governance, Risk and Compliance Specialist

The Helicopter Company

Main Responsibilities:

• Support the development and maintenance of corporate governance frameworks, including policies, procedures, and organizational structures.
• Facilitate and document governance committee meetings and actions.
• Collaborate with senior management to ensure governance structures align with organizational objectives.
• Conduct regular risk assessments and maintain the organization's enterprise risk register.
• Develop risk mitigation strategies in collaboration with business units.
• Monitor key risk indicators (KRIs) and prepare periodic risk reports.
• Support the implementation of enterprise risk management (ERM) frameworks.
• Monitor changes in regulations relevant to the Saudi business environment (including, without limitation, Companies Law SAMA, ZATCA, Ministry of Commerce requirements and so on).
• Conduct compliance reviews and audits to ensure adherence to regulatory requirements and internal policies.
• Develop and implement compliance monitoring plans and testing protocols.
• Coordinate with external auditors during compliance assessments.
• Assist in implementing remediation plans for identified compliance gaps.
• Document regulatory findings and corrective action plans.
• Evaluate the design and operating effectiveness of internal GRC processes.
• Document key control processes and procedures.
• Assist in the implementation of control frameworks (such as COSO, ISO 31000).
• Identify control weaknesses and recommend improvements.
• Develop and facilitate training and awareness programs.
• Support the development and organizational integration of the GRC function into THC.
• Prepare comprehensive GRC reports for executive management and the board.
• Communicate GRC issues and developments to relevant stakeholders.
• Develop and maintain GRC dashboards and metrics.
• Maintain confidentiality in all matters related to work and information.

Qualifications:

• Bachelor s degree in accounting, Finance, Business Administration, Information Systems, or related field.
• Qualified or pursuing professional certifications in at least one of the following areas:
  
  • Certified Internal Auditor (CIA).
  • Certified in Risk Management Assurance (CRMA).
  • Certified Risk and Compliance Management Professional (CRCMP).
  • Certification in Control Self-Assessment (CCSA).

Experience & Skills:

• 2-4 years of progressive experience in GRC, internal audit, or risk management roles.
• Experience with Saudi Arabian regulatory requirements and compliance standards.
• Proven experience in conducting risk assessments and developing risk mitigation strategies.
• Previous involvement in regulatory audits and inspections.
• Knowledge of governance structures, risk management frameworks, and compliance requirements relevant to Saudi Arabia.
• Strong understanding of COSO and relevant ISO frameworks.
• Proficiency in risk assessment methodologies and tools.
• Excellent analytical and problem-solving abilities.
• Strong project management skills.
• Advanced proficiency in MS Office suite, especially Excel.
• Experience with one or more GRC platforms and tools (ServiceNow, MetricStream, SAP GRC, etc.)
• Written and verbal fluency in English and Arabic.
• Strong attention to detail and accuracy.
• Excellent interpersonal and communication skills and ability to build relationships with stakeholders at all levels.
• Critical thinking and sound judgment.
• proactive, Positive approach to role.