[Hiring] Governance, Risk, and Compliance (GRC) SME - Senior Consultant @Infosys Consulting - Europe

Role Description

We are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Senior Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance.

As a Cyber GRC Senior Consultant, you will collaborate with client security, IT, and compliance teams to direct and oversee the development and implementation of cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations.

Key Responsibilities:

• Work on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization.
• Contribute to the development of consulting go to market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks.
• Direct and lead NIST CSF risk assessments.
• Oversee the design of innovative new services to lead the market incorporating AI and ML where it brings value.
• Support presales, sales, and account management pursuits from a subject matter expert perspective.

Qualifications

• A relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security).
• 1-5 years+ in the field of cyber security/infosec.
• A broad business skill set including stakeholder management, problem-solving, and resilience.
• Experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences.
• Excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency).
• Project-related mobility/willingness to travel.

Requirements

• A good understanding of NIST CSF.
• A post graduate degree in cyber/information security.
• An understanding of ISO27001, NIS2, SOX, GDPR, DORA.
• Cyber Due Diligence Assessments.
• Third-Party & Supply chain Cyber Risk Management.
• Incident Response Plan review.
• Supporting bids, RFP responses and proposals.
• Crisis Management Exercises (CMX).
• Accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM.
• Helped design Target Operating Models (TOMs) and RACI Matrices.
• Helping the design of Cyber Security Roadmaps.
• Supporting Post Incident Reviews.
• Reading and summarising Cyber Threat Intelligence reports.
• Cyber security compliance programs (GDPR, DORA, ISO27001, NIS2, SOX).
• Cyber Security Risk Assessments or Maturity Assessments.
• Design and deliver awareness training.
• Worked on Identity and Access Management projects.
• Worked on Privileged access management projects.

Benefits

• Industry-leading compensation and benefits.
• Top training and development opportunities.