GRC Consultant

Job Description Join Tsaaro as a GRC Consultant Create Impact. Strengthen Trust. Drive Compliance Excellence. Are you a detail-oriented, analytical GRC professional with experience in governance, risk, and compliance looking to elevate your career At Tsaaro, we don't just talk about privacy we help organizations build strong, compliant, and secure systems. Our consulting team ensures that businesses navigate regulations confidently while fostering trust through effective governance and risk management frameworks. We're growing fast and are looking for a GRC Consultant who's passionate about compliance, experienced in risk assessments, and ready to drive measurable impact across Tsaaro's client engagements. About Tsaaro At Tsaaro, privacy and security aren't just our services they're our purpose. Our team of experts works at the intersection of data protection, cybersecurity, governance, and compliance to help organizations build a culture of trust. Our consulting team plays a crucial role in enabling that mission delivering assessments, frameworks, and solutions that position Tsaaro as a trusted partner in data privacy and cybersecurity compliance. Your Role: GRC Consultant As a GRC Consultant, you'll work closely with clients and internal teams to assess risks, implement controls, enhance compliance, and ensure organizations meet regulatory and industry standards. Key Responsibilities: Conduct governance, risk, and compliance assessments across various standards and regulatory frameworks. Assist organizations in implementing policies, procedures, and controls aligned with ISO standards (ISO 27001, ISO 27701, etc.). Perform risk assessments, gap analysis, and maturity evaluations for client environments. Support in building and implementing Information Security Management Systems (ISMS) and Privacy Information Management Systems (PIMS). Develop audit reports, documentation, and remediation plans based on assessment findings. Collaborate with technical and consulting teams to ensure effective implementation of compliance controls. Assist clients with regulatory requirements, including GDPR, DPDP Act, and global privacy/security regulations. Conduct internal audits, vendor risk assessments, and compliance checks to ensure continuous improvement. Manage end-to-end project delivery, including planning, execution, tracking, and ensuring timely completion of engagement milestones. Engage and coordinate with stakeholdersboth internal and client-sideto ensure alignment, clarity, and seamless execution of project deliverables. Stay updated with evolving cybersecurity, privacy, and compliance standards. Requirements Bachelor's degree in Information Security, Computer Science, Business, or a related field. Experience in governance, risk, and compliance roles ISMS, PIMS, audits, or regulatory implementations. Strong understanding of frameworks such as ISO 27001, ISO 27701, NIST, SOC 2, GDPR, DPDP Act, etc. Ability to conduct risk assessments, gap analysis, and control mapping. Strong analytical skills, report writing abilities, and attention to detail. Experience working with clients, stakeholders, or cross-functional teams. Proven experience in project management, including planning, tracking, reporting, and coordinating across teams. Strong stakeholder management skills with the ability to communicate effectively and manage expectations at all levels. Ability to multitask, meet deadlines, and work in a fast-paced consulting environment. Professional certifications (ISO 27001 LA/LI, CIPP, CIPM, etc.) are a plus. Benefits Work with a high-growth brand in privacy, cybersecurity, and compliance. Lead real-world GRC projects and deliver impactful consulting engagements. Collaborate with industry experts and a dynamic consulting team. Hybrid work options for flexibility and balance. Strong opportunities for professional advancement and certifications. From the Tsaaro Team: At Tsaaro, we're not just shaping the future of privacy we're shaping careers. As a GRC Consultant, you'll be part of a passionate team that values expertise, trust, and meaningful impact. Your work will help organizations build secure and compliant ecosystems.