GRC Advisor

Job Description

Responsibilities:

Governance, Risk & Compliance

• Develop and support a continuous improvement (UCI) framework aligned with NIST CSF, ISO 27001:2022, and SOC‑CMM.
• Plan, conduct, and support internal audits.
• Assist teams in implementing improvement and remediation actions.
• Create tools, materials, and documentation to ensure audit readiness.

Cyber Crisis Management

• Support and execute the Lessons Learned process for cyber incidents and exercises.
• Lead Lessons Learned sessions and guide teams in applying recommendations.
• Contribute to the plan‑do‑check‑act cycle for crisis management and business continuity.
• Develop crisis tabletop exercises, scenarios, and related documentation.
• Participate in the cyber crisis cell to support real-time crisis response.

Experience:

• 3–5+ years in cybersecurity, GRC, incident response, or cyber crisis management.
• Practical experience with cybersecurity frameworks (ISO 27001, NIST CSF).
• Experience conducting or supporting audits and maturity assessments.
• Exposure to cyber crisis exercises, simulations, or business continuity activities.
• Experience supporting cross‑functional teams through improvement initiatives.

Qualifications:

• Bachelor’s degree in Cybersecurity, IT, Risk Management, or equivalent experience.
• Strong understanding of ISO 27001 and other cybersecurity frameworks.
• Certifications related to cybersecurity or GRC are an advantage.
• Strong presentation and communication skills in English.
• Ability to engage and influence stakeholders at all organizational levels.
• Leadership mindset with the ability to motivate teams around continuous improvement.
• Collaborative team player with strong interpersonal and cross‑disciplinary skills.