Senior Compliance & GRC Consultant
Calicut, India
Posted date: 2025-12-09
Job type
Full time
Reference
JSS-IT-1051
Overview

neXavault, the cybersecurity arm of John & Smith Solutions, is a CERT-In empanelled Information Security Auditing Organization. With our expanding presence across India and international markets, we're the trusted partner for organizations seeking robust security compliance and governance frameworks. Our 100% certification success rate speaks to our expertise in navigating complex regulatory landscapes.

Job Description

We're seeking a Senior Compliance & GRC Consultant to lead our rapidly growing compliance practice. You'll guide enterprise clients through their security certification journeys, from initial gap assessments to successful certification audits. With our new CERT-In empanelment opening doors across pan-India markets, this role offers exceptional growth potential.

Key Responsibilities

  • Lead ISO 27001, ISO 27701, and ISO 20000-1 implementation projects from initiation to certification

  • Conduct comprehensive gap assessments and maturity evaluations

  • Design and implement Information Security Management Systems (ISMS)

  • Perform internal audits and prepare organizations for certification audits

  • Develop information security policies, procedures, and controls

  • Guide clients through SOC 2 Type I & II compliance journeys

  • Ensure compliance with Indian regulations (CERT-In directives, RBI guidelines, DPDP Act)

  • Conduct risk assessments using ISO 31000 and NIST frameworks

  • Lead business continuity and disaster recovery planning initiatives

  • Manage multi-framework compliance programs for enterprise clients

  • Train client teams on security awareness and compliance requirements

Essential Requirements

  • Experience: 6-10 years in information security compliance and GRC

  • Certifications (Mandatory):

    • ISO 27001 Lead Auditor (IRCA/PECB/Exemplar certified)

    • ISO 27001 Lead Implementer

  • Certifications (Preferred):

    • CISA, CRISC, or CGRC

    • ISO 22301, ISO 27701, or ISO 27017/27018 credentials

  • Domain Expertise:

    • Proven track record of successful ISO 27001 implementations (minimum 5 projects)

    • Deep understanding of Indian regulatory landscape

    • Experience with risk assessment methodologies

    • Knowledge of data privacy regulations (DPDP, GDPR)

  • Skills:

    • Excellent stakeholder management and communication

    • Strong documentation and technical writing abilities

    • Project management capabilities

    • Ability to translate technical risks into business language

Preferred Qualifications

  • CERT-In empanelment experience

  • Banking sector compliance (RBI guidelines, PCI DSS)

  • Healthcare compliance (HIPAA, ABDM)

  • Experience with GRC tools (MetricStream, ServiceNow, Archer)

  • Cloud compliance frameworks (CSA CCM, ISO 27017)

  • Certified Data Privacy Officer (CDPO) or equivalent

What We Offer

  • Competitive Package

  • High-Value Projects: Lead compliance engagements worth ₹28-50 lakhs

  • CERT-In Advantage: Leverage our empanelment for prestigious government projects

  • Professional Growth: Clear path to Practice Head role

  • Certification Support: Funding for advanced certifications

  • Diverse Portfolio: Work across banking, healthcare, technology, and government sectors

  • Thought Leadership: Opportunity to develop frameworks and methodologies

Location

Primary: Kochi/Kozhikode, Kerala (Remote work available with periodic travel for client audits)

How to Apply

Send your detailed CV along with:

  1. List of ISO 27001 implementations you've led (with outcomes)

  2. Brief case study of your most complex compliance project

  3. Sample ISMS document you've developed (sanitized)
