GRC Consultant

Responsibilities:

• Provide expert consultation on ISO and CMMI standards to clients, ensuring a deep understanding of Information Security, IT Risk Management, Audit, governance, and compliance principles.
• Collaborate with clients to assess their current processes and practices, identifying areas for improvement and alignment with industry standards.
• Develop and implement strategies for achieving and maintaining ISO and CMMI certifications.
• Conduct risk assessments and audits, identifying vulnerabilities and recommending corrective actions to enhance security posture.
• Stay abreast of the latest developments in Information Security, governance, and compliance laws, rules, and regulations.
• Conduct comprehensive risk assessments on cloud infrastructure, applications, networks, APIs, and other IT systems.
• Review and analyze reports generated from Vulnerability Assessment and Penetration Testing (VAPT) activities to identify vulnerabilities and potential security weaknesses.
• Assist in the development and maintenance of security and compliance documentation.

Requirements:

• Minimum of 5 years of work experience in the field of Governance, Risk, and Compliance (GRC) within the IT and cybersecurity domain.
• Proven expertise in conducting risk assessments and vulnerability management.
• In-depth knowledge of industry standards and regulations related to security and compliance.
• Excellent communication and interpersonal skills to collaborate effectively with project teams and clients.
• Strong problem-solving and analytical abilities.
• Relevant certifications, such as CISSP, CISA, CISM, or equivalent, are a plus.