GRC Consultant

Job Description :

We are seeking a motivated and detail-oriented GRC Consultant with at least 2 years of experience in governance, risk management, and compliance domains.

The ideal candidate will support clients and internal stakeholders in aligning IT risk, compliance, and security initiatives with business goals, while ensuring regulatory and industry standard adherence.

Key Responsibilities :

- Perform risk assessments, gap analyses, and compliance audits

- Work with cross-functional teams to identify, assess, and mitigate risks across IT and business functions

- Support clients in achieving and maintaining compliance with standards such as ISO 27001, SOC 2, GDPR, NIST, or SOX

- Develop documentation, including risk registers, policy documents, and compliance reports

- Participate in the setup and configuration of GRC platforms (e.g., RSA Archer, ServiceNow GRC, MetricStream, etc.)

- Monitor regulatory changes and support compliance with evolving requirements

- Train and educate users on GRC processes and best practices

Required Skills & Experience :

- Understanding of GRC tools and compliance frameworks (ISO 27001, NIST, GDPR, etc.)

- Familiarity with risk assessment methodologies and compliance processes

- Excellent analytical, documentation, and communication skills

- Proficiency in MS Office, Excel, and presentation tools

- Bachelor's degree in Information Security, Computer Science, or related field

Preferred Qualifications :

- Certifications such as ISO 27001 LA/LI, CISA, CRISC, or CISM

- Exposure to GRC platforms