Job
Description
As a GRC Consultant / Senior Consultant with a minimum of 4 years of experience, your role will involve supporting governance, risk, and compliance initiatives for clients. Your expertise in ISMS, ISO 27001, and Third-Party Risk Management (TPRM) will be crucial in conducting assessments and enhancing the security posture of clients. Key Responsibilities: - Conduct ISO 27001 gap assessments, internal audits, and assist in ISMS implementation and maintenance. - Perform TPRM assessments, assess vendor risks, review security documentation, and suggest remediation actions. - Assist in developing and reviewing security policies, procedures, SOPs, and risk registers. - Participate in risk assessments and contribute to designing risk treatment plans. - Collaborate with stakeholders and clients to collect evidence, monitor compliance status, and address audit findings. - Aid in the preparation of audit reports, dashboards, and compliance documentation. - Keep abreast of global security standards, industry best practices, and emerging regulatory requirements. - Work closely with cross-functional teams to ensure GRC practices alignment (IT, Security, Operations, Legal, Procurement). Qualifications Required: - Minimum 2 years of experience in GRC, ISMS, ISO 27001, and TPRM. - Practical exposure to ISO 27001:2022 implementation or audits. - Strong grasp of risk assessment methodologies, security controls, and compliance frameworks. - Experience in vendor due diligence, security questionnaires, and TPRM workflows. - Good understanding of security governance processes and documentation management. - Excellent communication, stakeholder management, and reporting skills. If you possess an ISO 27001 LA/LI certification and have worked with GRC tools such as ServiceNow, Archer, or OneTrust, it would be considered advantageous. Your ability to work independently, meet project timelines, and adapt to evolving security landscapes will be key in excelling in this role. As a GRC Consultant / Senior Consultant with a minimum of 4 years of experience, your role will involve supporting governance, risk, and compliance initiatives for clients. Your expertise in ISMS, ISO 27001, and Third-Party Risk Management (TPRM) will be crucial in conducting assessments and enhancing the security posture of clients. Key Responsibilities: - Conduct ISO 27001 gap assessments, internal audits, and assist in ISMS implementation and maintenance. - Perform TPRM assessments, assess vendor risks, review security documentation, and suggest remediation actions. - Assist in developing and reviewing security policies, procedures, SOPs, and risk registers. - Participate in risk assessments and contribute to designing risk treatment plans. - Collaborate with stakeholders and clients to collect evidence, monitor compliance status, and address audit findings. - Aid in the preparation of audit reports, dashboards, and compliance documentation. - Keep abreast of global security standards, industry best practices, and emerging regulatory requirements. - Work closely with cross-functional teams to ensure GRC practices alignment (IT, Security, Operations, Legal, Procurement). Qualifications Required: - Minimum 2 years of experience in GRC, ISMS, ISO 27001, and TPRM. - Practical exposure to ISO 27001:2022 implementation or audits. - Strong grasp of risk assessment methodologies, security controls, and compliance frameworks. - Experience in vendor due diligence, security questionnaires, and TPRM workflows. - Good understanding of security governance processes and documentation management. - Excellent communication, stakeholder management, and reporting skills. If you possess an ISO 27001 LA/LI certification and have worked with GRC tools such as ServiceNow, Archer, or OneTrust, it would be considered advantageous. Your ability to work independently, meet project timelines, and adapt to evolving security landscapes will be key in excelling in this role.
