GRC Cyber Security Consultant

We are seeking a highly skilled and experienced Cybersecurity Governance, Risk, and Compliance (GRC) Consultant to join our team. The ideal candidate will have at least three years of hands-on experience in all required fields. As a Cybersecurity GRC Consultant, you will be responsible for developing and implementing cybersecurity policies, procedures, and controls to mitigate risks and ensure compliance with regulatory requirements. You will also provide expert guidance and support to internal teams on security governance frameworks, risk management practices, and compliance initiatives.

Responsibilities:

1. Develop and implement cybersecurity governance frameworks, policies, and procedures in alignment with industry standards and best practices.

2. Conduct risk assessments and gap analyses to identify security vulnerabilities and develop risk mitigation strategies.

3. Collaborate with cross-functional teams to ensure the effective implementation of security controls and measures.

4. Provide guidance and support on regulatory compliance requirements such as GDPR, HIPAA, PCI DSS, and ISO 27001.

5. Lead internal and external cybersecurity audits, assessments, and compliance reviews.

6. Stay abreast of emerging cybersecurity threats, trends, and regulatory changes to proactively address security risks.

7. Serve as a subject matter expert on cybersecurity GRC matters, providing training and mentorship to junior team members.

8. Develop and maintain relationships with clients, stakeholders, and regulatory authorities to ensure ongoing compliance and alignment with industry standards.

REQUIREMENTS

1. Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred.

2. Minimum of three years of experience in cybersecurity GRC roles, with a strong understanding of governance, risk management, and compliance principles.

3. Professional certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.

4. In-depth knowledge of cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Controls, and COBIT.

5. Experience with conducting risk assessments, gap analyses, and security audits.

6. Strong analytical and problem-solving skills with the ability to interpret complex regulatory requirements and translate them into actionable recommendations.

7. Excellent communication and interpersonal skills, with the ability to effectively collaborate with internal teams and communicate complex technical concepts to non-technical stakeholders.

8. Proven track record of successfully managing cybersecurity projects and initiatives from inception to completion.