Advisory Consultant - GRC

Job Description

Kanoo Elite is a GCC (Gulf Cooperation Council) based global-level consulting and outsourcing firm leveraging deep technology expertise, strong industry experience, and a comprehensive portfolio of services. We have constantly strengthened the proposition of providing an end-to-end experience to customers with strong strategy and design skills, implementation and technical abilities, and industry-leading sustenance models. Role Summary: We are seeking a Level 1 & 2 GRC consultant with a strong foundation in ISO 27001 and hands-on experience in information security governance and risk management. The ideal candidate will support project delivery through risk assessments, documentation, and internal coordination while also engaging with clients to align compliance efforts with business goals. Responsibilities: Execution & Delivery Conduct various frameworks gap assessments, risk analysis, and control mapping activities. Draft and maintain detailed documents such as procedures, SoA, risk treatment plans, and implementation trackers. Analyze client environments to assess compliance posture and develop tailored recommendations. 2. Client Engagement Participate in client meetings and walkthroughs, aligning documentation and recommendations to business objectives. Support client advisory by answering queries, preparing reports, and collaborating with principal consultants during remediation discussions. 3. Project Coordination Track project milestones, deliverables, and dependencies while supporting the Principal Consultant in managing engagement activities. Provide timely updates and ensure documentation consistency across engagements. 4. Team Support & Mentorship Guide L1 consultants during projects and review their deliverables for quality and accuracy. Offer mentorship in an ad hoc capacity, helping develop internal capability and delivery quality. 5. Frameworks & Standards Primary expertise in ISO/IEC 27001, with experience in implementation, documentation, and certification support. Working knowledge of SAMA, NCA, ISO 27701, and KSA PDPL is preferred but not mandatory. 6. Tools & Core Skills Proficiency in Microsoft Excel and Word for documentation and reporting. Strong skills in: Statement of Applicability (SoA) writing Risk register handling • Procedure drafting and documentation Client communication and reporting 7. Experience & Qualifications 1–8 years of experience in a cybersecurity or GRC role, preferably within a consulting or client-facing capacity. Certified in ISO 27001 Lead Implementer and/or Lead Auditor (required). Bachelor’s degree in information technology, Computer Science, Cybersecurity, or a related field. Client & Industry Exposure Experience working across diverse industries is preferred. Candidates with consulting or internal security/compliance backgrounds are welcome. Job Location: Chennai (Traveling also required) Show more Show less