GRC

GRC Consultant 

We’re looking for a GRC Consultant to join our growing team and help organizations navigate the evolving world of cyber regulations and risk management.

In this role, you’ll lead and support end-to-end GRC processes for our clients — from risk assessments to regulatory compliance — while providing expert guidance on cybersecurity and information security best practices.

What you’ll do:

*Conduct risk assessments for a variety of clients across industries
* Lead and implement GRC processes, ensuring compliance with standards and regulations (NIS2, GDPR, ISO 27001, etc.)
* Develop and implement information security policies, procedures, and frameworks
* Advise clients on regulatory requirements and build actionable compliance roadmaps
* Perform security assessments across multiple domains, including supply chain and information systems
* Support organizations in meeting privacy and data protection regulations

What we’re looking for:

* Bachelor’s degree in a relevant field (Industrial Engineering & Management, Business Administration, Law, or similar)
* Training and/or certifications in GRC, cybersecurity, or information security (CISO, CISM, DPO, CRISC, ISO 27001 Lead Auditor)
* At least 2 year of hands-on experience in GRC, risk management in cybersecurity
* Strong understanding of international cybersecurity regulations and standards
* Proven ability to manage projects and lead risk assessment processes in a team environment
* Analytical thinking, problem-solving skills, and a proactive mindset