GRC Consultant

Overview:

The GRC Consultant will coordinate the creation, review and implementation of policies and
procedures established by the agencies that regulate the company. He/ She will apply and
interpret audit and compliance requirements for various departments. He/ She will interact
with external auditors on matters related to audits of the organisation's internal controls,
and assess potential fraud activity, plus develop fraud detection tools and make the client
organization ready for audits and compliance adherence.

Job Schedule: 9×5 Business support hours

Qualifications –

• BSc / BCA / BE / Diploma / MCA / MSc or equivalent
• Min 5 years of industry experience Governance, Risk and Compliance domain with consulting and advisory role.
• Excellent communicator, written and verbally
• A strong customer/client focus, with a proven ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
• Ability to mentor and train junior colleagues and act as an escalation point
• Ability to interact with personnel at all levels and across all business units within the
  organisations, and to comprehend business imperatives.
• Strong leadership abilities, with the capability to guide team members and to work
  with only minimal supervision.
• Can demonstrate consistency in their work attitude: Proficiency in performing risk and business impact assessments.

Job Skills:

• Good understanding of, and experience with Information Risk Management, IT
  Security and Compliance and Security Controls and Audit.
• Advanced understanding of internal and external IT security standards, SOX, PCI,
  SOC2/1, ISO27001 standards and relevant legal compliance aspects.
• Robust understanding of, and solid experiences with the impact of Security on
  application development and operations as well as the IT Infrastructure.
• Ability to promote high performance teams, working with inclusiveness and cultural
  diversity, across organizational boundaries.
• Good understanding of cloud security requirements and third-party control
  assurance.
• Ability to interface with different groups (Third parties, Business and IT) internal and
  external to IT (security) and to network globally across Group businesses, as well as
  with external groups.
• ISO Certified- ISO 27001:2005, ISO-22301
• Knowledge of Data Security Standards: PCI DSS, Privacy Principles
• Has working knowledge on QEV/CBN
• Has implemented QEV/CBN practices.
• Driving Platform / Application security and compliance

Ability to foresee and identify mitigation strategies for Candidate must also:

• Display excellent communicating and influencing skills
• Display analytical and problem solving skills
• Be pro-active and self-motivated
• Display strong interpersonal and negotiating skills with all levels of staff.
• Display Ability and eagerness to quickly learn new technologies.