GRC Consultant

Job Summary:

GRC (Governance, Risk & Compliance) Consultant

ISO 27001, GDPR,

Key Responsibilities:

1. Governance, Risk & Compliance (GRC):

• Conduct risk assessments and implement mitigation plans.
• Design, implement, and monitor GRC frameworks aligned with business objectives and industry best practices.
• Support clients in achieving and maintaining certifications such as ISO 27001, SOC 2, and HIPAA.

2. Privacy & Data Protection:

• Conduct

  Privacy Impact Assessments (PIAs)

  and

  Data Protection Impact Assessments (DPIAs).

• Implement and assess

  GDPR

  and

  DPDP Act

  compliance requirements, including consent management, data subject rights, and breach response procedures.
• Develop privacy policies, notices, and data retention frameworks.
• Work closely with legal and IT teams to ensure privacy-by-design and privacy-by-default principles are applied.

3. Audit & Compliance:

• Prepare and support internal/external audits and certification reviews.
• Ensure documentation, controls, and processes meet audit requirements.

4. Policy & Awareness:

• Draft and maintain security and privacy policies, procedures, and awareness materials.
• Conduct compliance and privacy training for internal teams and client organizations.

5. Client Engagement:

• Lead or support end-to-end implementation of compliance projects (ISO 27001, SOC 2, GDPR, HIPAA).
• Advise clients on regulatory trends and data protection best practices.

Required Skills and Qualifications:

• 3 - 5years of relevant experience in GRC, information security, or compliance consulting
• ISO 27001:2022

  Lead Auditor Certification

• Experience with

  GDPR readiness assessments

  and SOC 2 control frameworks (mandatory)
• Strong understanding of risk management, audit, and control processes
• Excellent

  verbal and written communication skills in English

• Ability to work independently and manage multiple client engagements

Preferred:

• Experience working with startups, SaaS companies, or cloud-native environments
• Exposure to compliance automation tools or platforms

Why Join us:

• Opportunity to work on real-world compliance projects
• Exposure to leading security compliance frameworks
• A collaborative work environment with learning and growth opportunities