Cyber GRC Consultant Job Description
Our client, a leading organisation, is seeking a Cyber GRC Consultant to support their team.
Job Responsibilities:
* Develop, implement, and maintain GRC frameworks aligned with ISO 27001, NIST, and other industry standards.
* Conduct risk assessments and ensure compliance with regulatory requirements.
* Advise stakeholders on cybersecurity risks and mitigation strategies.
* Assist in the creation and enforcement of security policies, standards, and procedures.
* Provide audit support and liaise with internal/external auditors.
* Oversee third-party risk management and compliance reviews.
* Deliver training and awareness programs related to cybersecurity and risk management.
* Work closely with IT, security, and compliance teams to improve cyber resilience.
Experience Required:
* Minimum of 3 years of experience in Cyber GRC, IT Risk, or Compliance.
* Strong knowledge of ISO 27001, NIST 800-53, GDPR, and other compliance frameworks.
* Experience conducting risk assessments, audits, and gap analyses.
* Previous experience in a consulting or advisory role is a plus.
Desirable Skills:
* Certifications such as CISSP, CISM, CRISC, CISA, or ISO 27001 Lead Auditor/Implementer.
* Experience with third-party risk management and vendor assessments.
* Understanding of cloud security frameworks (AWS, Azure, GCP).
Educational Requirements:
A Bachelor's degree in Computer Science, Information Security, or a related field is preferred.
Benefits:
* Competitive salary.
* Bonus.
* Pension.
* Hybrid working options.