Job Description
Job Title:
GRC Senior Consultant / Assistant Manager – Cybersecurity
Location: Mumbai
Experience: 2+ Years
Notice Period: Immediate to Short Joiners Preferred
Role Overview
We are looking for a GRC Senior Consultant / Assistant Manager – Cyber with hands-on experience in TPRM, GRC, and ISMS engagements. The role involves supporting and leading governance, risk, and compliance initiatives across clients, working closely with internal stakeholders and client teams.
Key Responsibilities
Execute and support Third-Party Risk Management (TPRM) assessments, including vendor risk evaluations and due diligence
Perform GRC assessments covering policy reviews, risk identification, risk treatment, and control effectiveness
Support ISMS implementation and maintenance aligned with ISO 27001 requirements
Conduct risk assessments, gap assessments, and control testing across cyber and information security domains
Assist in drafting and reviewing security policies, standards, SOPs, and risk registers
Coordinate with client stakeholders for data collection, walkthroughs, and closure of observations
Support internal reviews, audits, and compliance reporting
Contribute to continuous improvement of GRC frameworks and methodologies
Required Skills & Experience
Minimum 2+ years of relevant experience in GRC / TPRM / ISMS
Hands-on exposure to TPRM frameworks , vendor risk assessments, and third-party governance
Working knowledge of ISO 27001 , ISMS controls, and audit processes
Understanding of cyber risk management, control frameworks, and compliance requirements
Experience working with consulting or risk advisory teams is preferred
Strong documentation, communication, and stakeholder coordination skills
Certifications (Good to Have)
ISO 27001 Lead Implementer / Lead Auditor
CISA / CISM / CISSP (or pursuing)
GRC Senior Consultant / Assistant Manager – Cybersecurity
Location: Mumbai
Experience: 2+ Years
Notice Period: Immediate to Short Joiners Preferred
Role Overview
We are looking for a GRC Senior Consultant / Assistant Manager – Cyber with hands-on experience in TPRM, GRC, and ISMS engagements. The role involves supporting and leading governance, risk, and compliance initiatives across clients, working closely with internal stakeholders and client teams.
Key Responsibilities
Execute and support Third-Party Risk Management (TPRM) assessments, including vendor risk evaluations and due diligence
Perform GRC assessments covering policy reviews, risk identification, risk treatment, and control effectiveness
Support ISMS implementation and maintenance aligned with ISO 27001 requirements
Conduct risk assessments, gap assessments, and control testing across cyber and information security domains
Assist in drafting and reviewing security policies, standards, SOPs, and risk registers
Coordinate with client stakeholders for data collection, walkthroughs, and closure of observations
Support internal reviews, audits, and compliance reporting
Contribute to continuous improvement of GRC frameworks and methodologies
Required Skills & Experience
Minimum 2+ years of relevant experience in GRC / TPRM / ISMS
Hands-on exposure to TPRM frameworks , vendor risk assessments, and third-party governance
Working knowledge of ISO 27001 , ISMS controls, and audit processes
Understanding of cyber risk management, control frameworks, and compliance requirements
Experience working with consulting or risk advisory teams is preferred
Strong documentation, communication, and stakeholder coordination skills
Certifications (Good to Have)
ISO 27001 Lead Implementer / Lead Auditor
CISA / CISM / CISSP (or pursuing)
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application