GRC Consultant

cyberani solutions

Riyadh

On-site

SAR 120,000 - 180,000

Full time

4 days ago

Job summary

A leading company in IT - Software Services seeks a GRC Information Security Consultant to manage customer Security Risk Management programs while ensuring compliance objectives are met. Responsibilities include developing cybersecurity strategies, performing audits, and maintaining the GRC platform. Ideal candidates hold relevant degrees and certifications, with substantial experience in Information Security.

Qualifications

  • 5-10 years of experience in Information Security.
  • Certifications such as CISSP, CISM, CISA, CRISC, GSEC, ISO27001, or PCIP are preferred.

Responsibilities

  • Conducting GRC professional services internally and to customers.
  • Developing and implementing customized GRC programs.
  • Performing risk analysis including risk identification, assessment, and monitoring.

Skills

Risk Analysis
Cybersecurity Strategy
Compliance Assessments
Cybersecurity Awareness Programs

Education

Bachelor's or master's degree in information security or information technology

Job description

The GRC Information Security Consultant is responsible for collaborating with the company's customers and providing the required GRC services and solutions, making sure that the customer's Security Risk Management programs are managed and that compliance objectives are in place and achieved.

The GRC Risk Consultant supports the organization by identifying, reporting, and directing recovery activities and solutions for key risks within the IT organization, making sure that the activities are aligned with overall risk management strategy. The GRC Consultant also supports the development and review of security policies, standards and guides.

Responsibilities:

Conducting GRC professional services internally and to customers.

Developing and implementing customized GRC programs.

Developing cybersecurity strategy, objectives, policies, standards, guidelines, and procedures.

Performing risk analysis including risk identification, assessment, mitigation, and monitoring for organizations.

Performing compliance assessments against cybersecurity frameworks.

Performing cybersecurity audit activities.

Performing cybersecurity maturity assessments.

Developing and implementing cybersecurity awareness programs.

Managing the GRC platform.

Establish, manage, and monitor the organization's risk register and provide periodic reporting.

Focal point of contact for GRC projects, initiatives, programs.

Develop strong relationships with both customers and internal stakeholders.

Participate in due diligence activities related to mergers and acquisitions, by providing recommendations to senior management.

Requirements:

Bachelor's or master's degree in information security or information technology

Certifications such as CISSP, CISM, CISA, CRISC, GSEC, ISO27001 or PCIP are preferred

5-10 years of experience

Experience in Information Security

Company Industry

  • IT - Software Services

Department / Functional Area

  • Corporate Planning
  • Consulting
  • M&A

Keywords

  • GRC Consultant
