GRC Consultant

Social network you want to login/join with:

Reporting to: Information Security Officer (ISO)

Hours: 37.5 hours per week

Security clearance: Advantageous, not essential

This is a brilliant opportunity to join our growing team at CND. We are looking to bolster our internal team with a GRC Consultant. At CND, we pride ourselves on our unique culture focused on employee wellbeing. We ensure that our staff feel valued and are able to bring their best selves to work every day.

Key Responsibilities:

• Undertake GRC consultancy engagements as required
• Develop, implement, and maintain governance policies and procedures
• Identify, assess, and mitigate risks across the organisation
• Develop, implement, and maintain compliance policies and procedures
• Develop and deliver GRC training for employees via our LMS and verbal briefs
• Prepare and submit reports to senior management and framework bodies
• Undertake additional, relevant tasks, projects, and training as required in your role in support of the wider business
• Strong knowledge of governance, risk management, and compliance concepts
• Good understanding of industry standards, regulatory requirements, and frameworks (ISO, CSF, NIST, SOC2, Cyber Essentials etc)
• Ability to conduct risk assessments and develop risk mitigation strategies
• High standards of written and verbal communication, with excellent attention to detail
• Presentable and comfortable with client-facing interaction
• Currently, or capable of gaining and maintaining IASME assessor status