GRC Consultant

Job Description

Responsibilities: • As part of the GRC team deliver on engagements pertaining to information security, cyber security, risk management and privacy for our customers across the globe • Responsible for managing and delivering on accounts in accordance with CyRAACS quality guidelines & methodologies. • Execute the engagement requirements, prepare reports and schedules that will be delivered to clients and other parties • Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress • Develop and maintain productive working relationships with client personnel • Prepare status updates and prepare management presentations etc. • Actively contribute to improving operational efficiency on projects & internal initiatives. • Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. • Understand and follow workplace policies and procedures • Flexible to travel to client location for the project delivery. Desired skills: • 3-5 years experience (preferably in consulting environment) • Strong knowledge of cyber/information security concepts, risk and controls concepts • Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, ISO 27701, PCI DSS, NIST standards on Cyber Security, HITRUST, etc. • Good knowledge of IT risk and control / audit environment • Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA] etc. • Knowledge of vulnerability management • A good understanding of IT data centre operations and a variety of technology platforms • Excellent business communication skills, proficient in reporting and documentation • Ability to deliver work within tight timescales, to budget and to a high quality • Demonstrate attention to detail • ISO 27001 Lead Auditor and Lead Implementer preferred. • CISSP, CISA, CISM certifications desirable. Show more Show less