GRC Senior Consultant / Assistant Manager – Cybersecurity

Job Title:

GRC Senior Consultant / Assistant Manager – Cybersecurity

Location: Mumbai

Experience: 2+ Years

Notice Period: Immediate to Short Joiners Preferred

Role Overview

We are looking for a GRC Senior Consultant / Assistant Manager – Cyber with hands-on experience in TPRM, GRC, and ISMS engagements. The role involves supporting and leading governance, risk, and compliance initiatives across clients, working closely with internal stakeholders and client teams.

Key Responsibilities

• Execute and support Third-Party Risk Management (TPRM) assessments, including vendor risk evaluations and due diligence
• Perform GRC assessments covering policy reviews, risk identification, risk treatment, and control effectiveness
• Support ISMS implementation and maintenance aligned with ISO 27001 requirements
• Conduct risk assessments, gap assessments, and control testing across cyber and information security domains
• Assist in drafting and reviewing security policies, standards, SOPs, and risk registers
• Coordinate with client stakeholders for data collection, walkthroughs, and closure of observations
• Support internal reviews, audits, and compliance reporting
• Contribute to continuous improvement of GRC frameworks and methodologies

Required Skills & Experience

• Minimum 2+ years of relevant experience in GRC / TPRM / ISMS
• Hands-on exposure to TPRM frameworks , vendor risk assessments, and third-party governance
• Working knowledge of ISO 27001 , ISMS controls, and audit processes
• Understanding of cyber risk management, control frameworks, and compliance requirements
• Experience working with consulting or risk advisory teams is preferred
• Strong documentation, communication, and stakeholder coordination skills

Certifications (Good to Have)

• ISO 27001 Lead Implementer / Lead Auditor
• CISA / CISM / CISSP (or pursuing)