Cybersecurity GRC - Audit Risk & Compliance Consultant

Job Brief:

This role of Risk & Compliance consultant is to oversee the Risk & Compliance function which involves ensuring strong governance, compliance adherence, and effective risk management to prevent production impact and audit issues.

This role will be responsible for:

· Establishing and monitoring the key risk measures and controls

· Driving process enhancements and continuous improvements

· Overseeing audit readiness and timely remediation efforts

· Developing dashboards and reports to provide transparency on compliance status

· Proactively escalating potential risks to management to avoid compliance failures

· Working independently with self-initiative to drive improvements and implement best practices

A critical part of this role is stakeholder management, as he will work closely with technology teams, auditors, risk & compliance functions, and clients to ensure alignment and effective execution of risk and compliance initiatives.

Key responsiblities

Risk & Compliance Oversight

· Establish effective governance frameworks and control mechanisms to maintain a structured and sustainable risk management environment.

· Identify and implement key risk measures and controls to strengthen compliance and reduce operational risks.

· Ensure all compliance requirements, including EOL/EOS tracking, certifications, licenses, and regulatory obligations etc…, are properly managed and completed on time, avoiding overdue issues.

· Conduct periodic risk assessments to proactively identify and mitigate potential risks before they impact production.

· Work closely with all technology teams to ensure stability by proactively addressing risks that could lead to service disruptions or regulatory non-compliance.

· Independently drive improvements in compliance processes, ensuring continuous enhancement of governance and risk management practices.

· Provide management with early warnings and escalate potential compliance risks to prevent last-minute surprises or audit issues.

· Develop and maintain dashboards to provide clear visibility of risk and compliance status across all levels of the organization.

Audit & Remediation Management

· Lead and coordinate internal and external audits, ensuring timely and accurate responses to audit requests.

· Track and ensure all audit findings and remediation actions are properly documented and delivered within agreed timelines.

· Establish a structured approach to monitor, validate, and close control gaps identified during audits to prevent recurrence.

· Proactively engage with stakeholders to address control deficiencies before they escalate into major audit issues.

· Provide heads-up to management on potential audit risks or remediation delays, ensuring timely intervention to avoid compliance breaches.

Process Improvement, Governance Strengthening & Reporting

· Independently identify areas for improvement in risk management, governance, and compliance processes, driving initiatives without needing constant direction.

· Implement automated tracking mechanisms and dashboards for compliance reporting, audit readiness, and risk monitoring.

· Develop governance dashboards and reports that provide real-time insights into compliance status, audit progress, risk trends, and overdue items.

· Ensure all teams, including senior management, have a clear and up-to-date view of the risk and compliance posture.

· Partner with CyberSecurity Services (CSS) team to ensure various controls like Vulnerability, Certification and Exception Management etc… are properly managed.

· Regularly review and update policies, procedures, and risk controls to align with evolving regulatory and business requirements.

Proactive Risk Escalation & Issue Management

· Continuously monitor for emerging risks and provide early warnings to management to allow proactive decision-making.

· Escalate non-compliance risks, delayed remediations, or potential audit concerns to ensure swift corrective action.

· Work with stakeholders to develop action plans to mitigate escalated risks, ensuring alignment with business and regulatory expectations.

Stakeholder Management

· Collaborate with technology teams, auditors, compliance officers, risk managers, and external clients to ensure effective execution of compliance and risk management initiatives.

· Act as the main point of contact for compliance-related discussions, ensuring clarity and alignment across teams.

· Ensure all stakeholders understand their compliance responsibilities and work proactively to meet risk and audit expectations.

· Effectively communicate risk posture, key issues, and remediation progress to senior management and external regulators/auditors.

Leadership & Team Management

· Mentor and influence other team members ensuring high performance and continuous improvement.

· Foster a culture of accountability, collaboration, and proactive risk management within the team and across IT functions.

· Ensure clear communication of team objectives, priorities, and compliance responsibilities.

Skills Required :

Educational Qualification

· Computer Science or Information Technology Degree holder

· CISSP/CISA/CCSP etc…

Experience

· Min 8 years of experience

· Information Technology Infrastructure and/or application related experience

· Risk & Compliance management

Technical Skills

· Proficiency in tools like ServiceNow, GRC platforms, Power BI, or other compliance tracking and reporting systems.

Domain Skills

· Strong knowledge of risk management, compliance, audit processes, and IT governance.

· Proven ability to define and implement key controls, governance frameworks, and risk measures to strengthen compliance.

Other Skills:

· Strong self-initiative and ability to work independently to drive improvements, streamline processes, and strengthen governance.

· Ability to analyze risks to navigate complex challenges, escalate potential issues early, and implement preventive measures to avoid compliance failures.

· Excellent stakeholder management and problem-solving skills.

· Excellent communication and presentation skills to bridge technical and business discussions.

· Leadership and collaboration skills to engage cross-functional teams and stakeholders.

· Adaptability to work in fast-paced, dynamic environments, etc.