Job Overview:
The GRC Consultant will be responsible for providing guidance and expertise to clients on information security governance, risk, and compliance (GRC) matters. In this role, the candidate will work closely with clients to assess their current GRC posture, identify risks and vulnerabilities, and develop recommendations to improve their GRC practices.
Key Responsibilities:
- Provide GRC consulting services to clients, including risk assessments, security audits, and compliance evaluations
- Develop and deliver GRC solutions and recommendations to clients, including policies, procedures, and best practices
- Stay up to date with the latest security trends, threats, and regulations, and provide insights and recommendations to clients
- Collaborate with clients to ensure that security controls are in place and functioning effectively
- Develop and deliver security awareness training to clients and their employees
- Represent the organization in client meetings and presentations
- Build and maintain strong relationships with clients and partners
Requirements:
- Bachelor's degree in Computer Science, Information Security, or equivalent experience
- Minimum of 5 years of experience in information security and risk management
- Strong knowledge of industry standards and regulations such as ISO 27001, NIST, SOC 2, and others
- Experience in conducting risk assessments and security audits
- Excellent written and verbal communication skills
- Strong problem-solving and critical thinking skills
- Ability to work independently and in a team environment
- Strong attention to detail and ability to multitask
- CISSP, CISM, CRISC, or other relevant certifications are a plus