Lead Consultant - Cyber Consulting Services

Job Purpose

The Lead Consultant – GRC Technology Enablement & Integrated Risk Management (IRM) plays a pivotal role in driving the successful delivery of cyber consulting engagements, with a core focus on the design, implementation, and enablement of eGRC / IRM platforms. This role will be responsible for leveraging deep expertise in GRC technologies—such as RSA Archer, ServiceNow IRM, MetricStream, or equivalent—to support clients in achieving regulatory compliance, strengthening risk management frameworks, enhancing cybersecurity governance, and advancing digital transformation within the GRC landscape.

Job Responsibilities

Key Focus Areas

Key Activities

Client Delivery & Engagement

• Lead the end-to-end implementation of eGRC/IRM platforms, including requirement gathering, configuration, testing, training, and go-live support.
• Act as a trusted advisor to clients on cybersecurity governance, risk, and compliance best practices.
• Develop GRC use cases aligned to UAE National Cybersecurity Policies, ISO 27001, NIST CSF, UAE IA Regulation, and sectoral frameworks.
  
  

• Translate client requirements into functional designs and system configurations.
• Work with technical teams to integrate eGRC platforms with ITSM, CMDB, vulnerability management, and threat intelligence tools.
• Optimize workflows and reporting dashboards to enhance visibility into cyber and operational risk postures.
  
  

• Manage project plans, track milestones, and ensure timely delivery within scope and budget.
• Lead cross-functional teams and provide guidance to junior consultants.
• Support pre-sales activities including RFP responses, solution demos, and effort estimations.
  
  

• Stay updated on emerging eGRC technologies and regulatory requirements in the UAE.
• Contribute to the development of internal frameworks, accelerators, and best practice guides.
• Represent the firm in industry forums and contribute to whitepapers or knowledge sessions.
  
  

• ISO 27000 LI or LA; ISO 27701 LI, CISM, CISA, CRISC,CISS.
• Other industry certifications are a plus, such as; CCP; CEH; GCIH, OT certifications and similar.
• Certification in leading eGRC and IRM platforms e.g. Archer, ServiceNow
  
  

• 7+ years of experience in cybersecurity, risk management, or technology consulting.
• Minimum 3 years of hands-on experience implementing eGRC/IRM platforms.
• Strong exposure to GRC use cases such as risk register, policy management, issue management, control testing, vulnerability risk management, and compliance automation.
  
  

• Bachelor’s or master’s degree in computer science, Information Security, Engineering, or a related field.
• Professional certifications preferred: CISM, CISSP, CRISC, CISA, ISO 27001 Lead Implementer, Archer Certified Admin, ServiceNow CSA/IRM or equivalent.