Cyber Security GRC Consultant

Company Description

CyberSapiens is a Cyber Security based company based in Mangaluru, Bangalore and Melbourne. We offer a wide range of services including Compliance, Security Audits, ISO 27001, VAPT, Security Auditing, Threat Hunting, Black Box Testing, Malware Analysis, Cyber Attack Analysis and many more.

Role Description

This is a full-time hybrid role for a Cyber Security GRC Consultant at CyberSapiens. The consultant will be responsible for various tasks related to Governance, Risk and Compliance. The role is based in Mangaluru with flexibility for some remote work.

Further includes:

• Implement ISO 27001, SOC, HIPAA, and other standards and guidelines.

• Conduct internal and external audits

• Conduct cybersecurity risk assessments and gap analyses to identify risks and compliance requirements.

• Develop and implement cybersecurity policies, procedures, and controls aligned with industry standards (e.g., ISO 27001, NIST Cybersecurity Framework) and regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).

• Assist clients in establishing and maintaining effective cybersecurity governance structures, including roles, responsibilities, and reporting mechanisms.

• Provide guidance and recommendations to clients on cybersecurity best practices, emerging threats, and risk mitigation strategies.

• Collaborate with internal stakeholders and external auditors to ensure compliance with regulatory requirements and industry standards.

• Conduct training and awareness sessions for client stakeholders to promote a culture of cybersecurity awareness and compliance.

• Stay abreast of the latest developments in cybersecurity regulations, standards, and frameworks, and integrate them into client engagements.

• Support business development efforts by participating in client meetings, preparing proposals, and identifying opportunities for additional services.

Qualifications

Bachelor's degree in Computer Science, Information Security, or related field.

• Minimum of 2 years of experience in cybersecurity, with a focus on governance, risk management, and compliance.

• Strong understanding of cybersecurity principles, frameworks, and standards (e.g., ISO 27001, HIPAA, PCIDSS, NIST Cybersecurity Framework, GDPR).

• Experience conducting cybersecurity risk assessments, gap analyses, and compliance audits.

• Excellent communication and interpersonal skills, with the ability to effectively engage with clients and internal stakeholders.

• Relevant certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.

• Ability to work independently and as part of a team, with a proactive and collaborative approach to problem-solving.