The GRC Manager will work in coordination with the Headquarters Internal Audit and Governance Team to be the Governance, Risk and Compliance Management processes ambassador vs. local Asset management, driving risk mitigation mindset under the professional guidance of the Headquarters Risk Management Team.

This role involves understanding and applying regulatory standards across the organization, ensuring that business operations are conducted in compliance with legal and regulatory requirements.

Responsibilities:

Governance

• Support the development, approval, and periodic review of policies and procedures, ensuring alignment with HQ, Stakeholder and external regulations.
• Coordinate with external consultants and HQ Governance teams to formalize governance frameworks.
• Maintain a structured repository of policies, procedures, and controls, ensuring accessibility and periodic updates.

Risk Management

• Establish and maintain a formal risk register, conducting annual and ad-hoc risk assessments.
• Identify and evaluate risks, design mitigating controls, and report progress to senior management and HQ.
• Ensure integration of risk considerations into decision-making and project execution.

Compliance & Internal Audit

• Oversee compliance with local Kazakhstan laws, ADAA regulations, and contractual obligations under the Asset & Property Management Agreement.
• Develop and track remediation plans in response to internal and external audit findings.
• Act as the local liaison for HQ Internal Audit, ensuring timely responses to audit requests and implementation of recommendations.
• Conduct periodic compliance checks across business functions.

Business Continuity & Crisis Management

• Maintain and periodically test Business Continuity and Disaster Recovery Plans, including notification protocols with Stakeholder.
• Develop incident response plans to address compliance breaches or operational disruptions.
• Ensure corrective and preventive actions are formally documented and implemented.

Reporting & Training

• Prepare regular reports for management and stakeholders summarizing risk exposures, compliance status, and governance improvements.
• Deliver training sessions to staff on GRC responsibilities, ensuring a culture of compliance and accountability.
• Promote awareness of whistleblowing, code of conduct, and ethical practices.

Requirements:

• Bachelor's degree in Business, Finance, Risk Management, or a related field. Master's degree or relevant certifications (e.g., CISA, CISSP, CRISC) is a plus.
• Proven experience in governance, risk management, or compliance roles, preferably in a corporate setting not less than 10 years.
• Strong knowledge of regulatory frameworks, industry standards, and best practices related to GRC.
• Exceptional analytical skills and the ability to assess complex risks and provide practical solutions.
• Proficiency in risk assessment tools, compliance management systems, and data analytics software.
• Excellent communication and interpersonal skills to work effectively with cross-functional teams and external stakeholders.
• Detail-oriented with a commitment to maintaining the highest standards of integrity and ethics.
• Strong organizational skills and the ability to prioritize and manage multiple tasks efficiently.
• Adaptability and the capability to stay current with evolving regulations and industry trends.
• English language: fluent