Cybersecurity GRC Consultant

Responsibilities

• Conduct comprehensive security assessments and risk analyses to identify gals against information and cybersecurity standards.
• Perform compliance assessment.
• Collaborate with clients and internal teams to develop and implement information security policies, standards, and procedures.
• Perform security audits to evaluate the effectiveness of security controls and systems.
• Analyze and interpret security assessment findings, and provide recommendations for remediation.
• Strong knowledge on data governance, data privacy regulations and protection requirements.
• Advise on security best practices, industry standards, and emerging trends to enhance the organizations security posture.
• Develop and deliver security awareness training programs to educate employees about information security practices and policies.
• Comprehensive knowledge on security incidents and process flow to respond to security breaches or other cybersecurity-related issues in a timely manner.
• Evaluate and recommend security practices and solutions, such as firewalls, intrusion detection systems, and encryption tools.
• Collaborate with cross-functional teams to ensure security requirements are integrated into system development lifecycle processes.
• Stay up to date with the latest security threats, vulnerabilities, and technologies through continuous learning and professional development.
• Preferred

Candidate Profile

Bachelors degree in Computer Science, Information Systems, or a related field. Relevant certifications (e.g., CISSP, CISM, CISA) are highly desirable. Proven experience in information security consulting or a similar role, preferably in diverse industries. Deep understanding of information security principles, risk management, and industry best practices.

Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, PCI-DSS). Strong knowledge of management policy development Strong knowledge on technical policy development - network security, application security, encryption technologies, and secure coding practices.

Experience with security assessment tools and techniques, interpreting results from vulnerability scanning and penetration testing and translating into gaps. Excellent analytical and problem-solving skills, with the ability to assess complex security risks and provide practical recommendations. Strong communication and interpersonal skills to effectively collaborate with clients, stakeholders, and technical teams.

Ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines. Ethical and professional conduct with a commitment to maintaining confidentiality and integrity.