CyRAACS™ | GRC

Job Title: GRC (Governance and Risk Compliance) consultant

Job Location: Bangalore and Mumbai

Qualification:

• Graduate or postgraduate in Management with 2-8 years' experience working in consulting environment for IT industry or cybersecurity.
• Must have hands on experience working as ISO 27001 Lead Auditor or Lead Implementer.
• Certification in CISSP or CISA or CISM or similar is must

Responsibilities:

• As part of the Risk Advisory team deliver on engagements pertaining to information security, cyber security, risk management and privacy for our customers across the globe
• Responsible for managing and delivering on accounts in accordance with CyRAACS quality guidelines & methodologies.
• Execute the engagement requirements, prepare reports and schedules that will be delivered to clients and other parties
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
• Develop and maintain productive working relationships with client personnel
• Prepare status updates and prepare management presentations etc.
• Actively contribute to improving operational efficiency on projects & internal initiatives.
• Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies.
• Understand and follow workplace policies and procedures
• Flexible to travel to client location for the project delivery

Desired skills:

• Strong knowledge of cyber / information security concepts, risk and controls concepts
• Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI DSS, NIST standards on Cyber Security, HITRUST, etc.
• Good knowledge of IT risk and control / audit environment
• Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA etc.
• Knowledge of vulnerability management
• A good understanding of IT data centre operations and a variety of technology platforms
• Excellent business communication skills, proficient in reporting and documentation
• Ability to deliver work within tight timescales, to budget and to a high quality
• Demonstrate attention to detail