GRC Consultant​/Senior Consultant

Position: GRC Consultant / Senior Consultant
Job Title:

GRC Consultant / Senior Consultant

Location:

Gurgaon

Experience:

2–6 Years

Employment Type:

Full-time
Joining:  Immediate Joiner Preferred

Role Overview
We are seeking a  GRC Consultant / Senior Consultant  with experience in  IT Audit and Information Security Management Systems (ISMS)  to support risk, compliance, and information security engagements. The candidate will assist organizations in implementing governance frameworks, strengthening IT controls, and ensuring compliance with security standards.

Key Responsibilities
Perform  IT audits and IT General Controls (ITGC) assessments  across applications and infrastructure.
Support  ISMS implementation and audits  aligned with ISO 27001 standards.
Conduct  risk assessments, gap assessments, and control evaluations  for clients.
Assist in developing and maintaining  information security policies, procedures, and documentation .
Evaluate  IT processes, access management, change management, and security controls .
Support  compliance initiatives such as ISO 27001, SOC 2, and other regulatory frameworks .
Prepare  audit reports, risk findings, and remediation recommendations .
Coordinate with client stakeholders to gather evidence and support  audit and compliance activities .
Assist in  internal audits, external audits, and certification readiness activities .
Required Skills
2–6 years of experience in  IT Audit, GRC, or Information Security .
Hands-on experience with  ISMS implementation or ISO 27001 audits .
Understanding of  ITGC controls including access management, change management, and IT operations .
Familiarity with  risk assessment methodologies and compliance frameworks .
Strong  documentation, analytical, and reporting skills .
Ability to interact effectively with  technical and business stakeholders .

Preferred Qualifications
Bachelor’s degree in  Information Technology, Computer Science, or related field .
Certifications such as  ISO 27001 Lead Implementer/Lead Auditor, CISA, or similar  (preferred).
Experience working in  consulting, risk advisory, or audit environments .
Key Competencies
IT Audit & ITGC
ISMS / ISO 27001
Risk & Compliance (GRC)
Control Assessment & Documentation
Stakeholder Communication