Go Back

Project Details

Senior Governance, Risk & Compliance Consultant

Information Security Consulting Firm

 Mumbai / Navi Mumbai, Bangalore

Posted on:  1/02/2022

Cinque Terre

Starts on:  23/02/2022


Information Technology


Information Security,


IT Services & Consulting

Company Details

Information Security Consulting Firm

Assignment Details

Our client is a pure-play information security consulting firm that started in 2006 with global offices & presence in India, UAE, Oman, KSA & USA. It specializes in Risk Assessment, GRC Consulting, Information Security Training and on-demand information security consulting. They are looking for a Senior GRC consultant to help them manage their projects.

Job role: This role includes 50% audit & 50% implementation & development work, experience to any one of the below will qualify the candidate for M1 level (Preference is Audit)
- Leading and developing a practice line along with team
- Should have Practice development & services design experience
- Should have Leadership, ownership, team management, engaging business skills

1. Setting up Governance (aligned to standards)
- Gap Assessment
- Risk Assessment
- Documents Strategy/Framework/Policy/Procedure/Standards/Guidelines/Templates/Checklists/Forms Implementation Roadmap/Process/Technology/People environment within an organization

2. Implementing/Managing the setup (Governance)
- Assisting or consulting/advising on implementation or performing the implementation
- Managed services for running the GRC/ISMS program
- Running Awareness Campaigns
- periodic review/improvement of GRC documentation
- periodic Risk assessments, etc

3. Assessing/Auditing/Reviewing Compliances of the setup Governance/ ISMS
- Developing Audit/Assessment frameworks as per need, develop audit programs
- Conducting Compliance Reviews against known/agreed frameworks
- Engagement with stakeholders to get data
- Conducting Control effectiveness review
- GRC assessment (Documentation review, implementation review along with asking evidence review)
- Preparation of reports
- Preparing and delivering audit outcomes Presentation to stakeholders

Skills Required

Skills Required:
1) Anyone Relevant certification is mandatory: CISSP, CISA, CISM, CRISC, CGEIT, GRCP, GRCA

2) Good to have Certification: ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, IAPP Certified, CDPSE, ISO 27701 privacy, ISO 20000, CCSK, CCSP, CCAK, PCIQSA, ISO22301,
- GRC Standards/ Framework Knowledge: (ISO27001 mandatory)
ISO9001, PCIDSS, NIST Cyber security framework, COBIT, ITIL, NCA ECC, NESA (UAE), RBI CSF, SAMA CSF, HIPPA, SOC 2 (Audit framework), ISO22301 framework, CMMi – good to have

1) Positive attitude, problem solving skills and attention to details
2) Should be results-oriented and able to deliver within preset deadlines.
3) Should value quality and client-satisfaction
4) Should possess very good communication skills (written/spoken English & presentation skill)
5) Ability to be analytical and strategic.
6) Able to work with minimal supervision.
7) Presentation & Internal Customer Facing skills.
8) Ability to communicate complex ideas concisely and in a business context.

Assignment Duration

3 month(s)

Capacity Required

Full Time

No. of Positions


Nature of Work

Both (On-site & Remote)

Profile Requirements

Experience: 7+ years

Qualification : Graduate

fleXpertise required



- | Terms of use | Privacy policy | Contact us
©2018 Flexing It® Services Private Limited. All Rights Reserved.

This website uses cookies to ensure you get the best experience on our website. By continuing to use this site, you agree to our cookie policy. Accept