Grc Consultant

Job Title: GRC Consultant / Senior Consultant Location: GurgaonExperience: Minimum 2 yearsShift: Regular business hours (as per company policy)Role OverviewWe are seeking a GRC Consultant / Senior Consultant with strong experience in ISMS, ISO 27001, and Third-Party Risk Management (TPRM). The ideal candidate will support governance, risk, and compliance initiatives, conduct assessments, and help clients strengthen their security posture.Key ResponsibilitiesConduct ISO 27001 gap assessments, internal audits, and support ISMS implementation and maintenance.Perform TPRM assessments, evaluate vendor risks, review security documentation, and recommend remediation actions.Support the development and review of security policies, procedures, SOPs, and risk registers.Conduct risk assessments and assist in designing risk treatment plans.Coordinate with stakeholders and clients to gather evidence, track compliance status, and close audit findings.Assist in preparing audit reports, dashboards, and compliance documentation.Stay updated with global security standards, industry best practices, and emerging regulatory requirements.Collaborate with cross-functional teams (IT, Security, Operations, Legal, Procurement) to ensure alignment with GRC practices.Required Skills & ExperienceMinimum 2 years of experience in GRC, ISMS, ISO 27001, and TPRM.Practical exposure to ISO 27001:2022 implementation or audits.Strong understanding of risk assessment methodologies, security controls, and compliance frameworks.Experience in vendor due diligence, security questionnaires, and TPRM workflows.Good knowledge of security governance processes and documentation management.Excellent communication, stakeholder management, and reporting skills.Preferred QualificationsISO 27001 LA/LI certification (preferred).Experience working with GRC tools (ServiceNow, Archer, OneTrust, etc.) is an advantage.Ability to work independently and meet project timelines.