Project Manager - GRC (Information & Cyber Security Services)

GRC Project Manager

Governance, Risk & Compliance Full-Time

About the Role

We are looking for an experienced GRC Project Manager to lead and coordinate programmes across governance, risk management, and regulatory compliance. You will act as the central point of contact for GRC initiatives, ensuring that projects are delivered on time, within scope, and in alignment with regulatory requirements and business objectives.

This role requires a blend of project management excellence, GRC domain expertise, and strong stakeholder engagement skills to drive a culture of accountability and continuous improvement.

Key Responsibilities

Project Planning & Delivery

Define project scope, objectives, milestones, and success criteria for GRC initiatives.

Develop and maintain detailed project plans.

Manage end-to-end delivery of compliance, risk, and audit-related projects.

Track progress and report status to senior leadership and key stakeholders.

Risk & Compliance Management

Ensure projects are driven according to regulations such as ISO 27001, SOC 2, GDPR, DORA, and NIST etc.

Support the development and maintenance of policies, standards, and control frameworks.

Stakeholder Management

Collaborate with client to ensure projects are aligned with their goal and timelines.

Facilitate client meetings.

Prepare executive-level presentations, dashboards, and compliance reports.

Audit & Assurance

Coordinate external audit activities, including evidence collection and remediation tracking.

Liaise with external auditors as the GRC project representative.

Monitor and help clients in guiding with corrective action plans (CAPs) to closure.

Contnuous Improvement

Identify opportunities to ensure smooth project management

Maintain awareness of evolving regulatory landscape and update programmes accordingly.

Qualifications & Experience

Essentials

58 years of project management experience, with at least 3 years in a GRC-focused client facing role.

Strong knowledge of risk management frameworks (ISO 31000, NIST RMF, COSO).

Hands-on experience with regulatory compliance programmes (GDPR, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171, SOC 2, PCI-DSS, or similar).

Proven ability to manage multiple complex projects simultaneously in a fast-paced environment.

Excellent written and verbal communication skills; able to present to C-suite audiences.

Proficient in project management tools (JIRA, MS Project, Smartsheet, or equivalent).

Managed multiple projects in client facing role.

Preferred

Professional certifications: PMP, PRINCE2, CRISC, CISA, CISSP, or ISO Lead Implementer/Auditor.

Experience with GRC platforms such as ServiceNow GRC, Archer, or OneTrust.

Background in compliance or technology sectors.

Masters degree in Business, Information Security, Law, or a related field.

Core Competencies

Leadership & Influence: Ability to drive alignment across diverse teams and influence without direct authority.

Analytical Thinking: Capacity to assess complex risk scenarios and translate them into actionable plans.

Communication: Clear communicator who can distil technical and regulatory complexity for varied audiences.

Attention to Detail: Meticulous approach to documentation, evidence management, and audit trails.

What We Offer

Competitive salary.

Flexible and hybrid working arrangements.

Comprehensive health benefits.

Annual learning & development budget for certifications and training.

Opportunity to shape and grow a best-in-class GRC function.

Collaborative, inclusive, and mission-driven work environment.