GRC Consultant

Title: GRC Consultant - Cybersecurity

Location: Remote In India

Job Type: 6 Months

Immediate or 15 Days notice period only

Required Skills and Qualifications:

• Proven experience in D&T governance, cybersecurity, risk management, and compliance.
• Strong knowledge of UAEIA, ISO standards, and industry best practices.
• Excellent communication and stakeholder management skills.
• Ability to work collaboratively with cross-functional teams, particularly in risk and internal audit.
• Experience in drafting policies and procedures and leading audit findings meetings.
• Proficiency in maintaining risk registers and developing effective mitigation strategies.

Key Responsibilities:

Project Leadership and Delivery:

• Lead the development and implementation of D&T policies and procedures, ensuring alignment with Agthia Group’s strategic goals.
• Oversee project timelines, deliverables, and resource allocation to ensure successful outcomes.

Stakeholder Management:

• Engage with key stakeholders to gather requirements and feedback on D&T and cybersecurity policies, ensuring clear and effective communication.
• Facilitate audit findings meetings, ensuring timely identification and closure of issues.

Technical Expertise:

• Provide technical support in creating and implementing both cybersecurity and D&T policies and procedures.
• Draft and design policies in accordance with UAEIA and ISO standards, ensuring comprehensive coverage across the organization.
• GRC Archer platform: risk register & audit findings are up to date.

Cybersecurity and D&T Knowledge:

• Stay updated on industry trends in cybersecurity and digital transformation (D&T) to enhance the Agthia’s capabilities and resilience.

Risk Management:

• Risk Identification: Conduct thorough gap analysis to identify vulnerabilities and risks within D&T and cybersecurity domains.
• Mitigation Strategies: Develop and implement tailored risk mitigation strategies to address identified vulnerabilities.
• Risk Register: Maintain and regularly update the risk register, reflecting current statuses and action plans.

Compliance Assurance:

• Ensure all D&T and cybersecurity initiatives comply with relevant regulations and standards, including UAEIA and ISO 27001 - 27002.
• Collaborate with risk and internal audit (IA) teams to establish key deliverables and align on a comprehensive risk roadmap.

Policy Deployment and Enforcement:

• Oversee the deployment and enforcement of D&T and cybersecurity policies across the organization, promoting understanding and compliance among all staff.
• Set smart objectives and measurable outcomes to evaluate the effectiveness of policies and procedures.
• End user awareness – accepted user policy