Cybersecurity GRC Consultant

Responsibilities

• Conduct comprehensive security assessments and risk analyses to identify gaps against information and cybersecurity standards.
• Perform compliance assessment.
• Collaborate with clients and internal teams to develop and implement information security policies, standards, and procedures.
• Perform security audits to evaluate the effectiveness of security controls and systems.
• Analyze and interpret security assessment findings, and provide recommendations for remediation.
• Strong knowledge of data governance, data privacy regulations, and protection requirements.
• Advise on security best practices, industry standards, and emerging trends to enhance the organization's security posture.
• Develop and deliver security awareness training programs to educate employees about information security practices and policies.
• Comprehensive knowledge of security incidents and process flow to respond to security breaches or other cybersecurity‑related issues in a timely manner.
• Evaluate and recommend security practices and solutions, such as firewalls, intrusion detection systems, and encryption tools.
• Collaborate with cross‑functional teams to ensure security requirements are integrated into system development lifecycle processes.
• Stay up to date with the latest security threats, vulnerabilities, and technologies through continuous learning and professional development.

• Bachelor's degree in Computer Science, Information Systems, or a related field. Relevant certifications (e.g., CISSP, CISM, CISA) are highly desirable.
• Proven experience in information security consulting or a similar role, preferably in diverse industries.
• Deep understanding of information security principles, risk management, and industry best practices.
• Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, PCI‑DSS).
• Strong knowledge of management policy development.
• Strong knowledge of technical policy development—network security, application security, encryption technologies, and secure coding practices.
• Experience with security assessment tools and techniques, interpreting results from vulnerability scanning and penetration testing and translating into gaps.
• Excellent analytical and problem‑solving skills, with the ability to assess complex security risks and provide practical recommendations.
• Strong communication and interpersonal skills to effectively collaborate with clients, stakeholders, and technical teams.
• Ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines.
• Ethical and professional conduct with a commitment to maintaining confidentiality and integrity.

If you meet the above requirements, please send your CV to [contact information].