CrawlJobs Logo

Grc Consultant Risk Management

https://www.soprasteria.com Logo

Sopra Steria

Location Icon

Location:
Luxembourg , Leudelange

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Consultant capable of designing and implementing an industrialized process for Risk Management.

Job Responsibility:

  • Definition of the Risk Strategy
  • Define, formalise and maintain a structured risk analysis methodology
  • Develop and maintain templates, policies, standards, and guidance documents
  • Build an service offering for risk analysis activities
  • Harmonise practices across teams and ensure alignment with group-wide expectations
  • Industrialisation of the Risk Analysis Process
  • Design automated workflows for generating risk analyses
  • Automate data collection, pre‑population of fields, consolidation and generation of standardised deliverables
  • Continuously improve the process to reduce effort, improve quality and increase consistency
  • Work closely with customers to integrate business and operational constraints

Requirements:

  • Good knowledge of cybersecurity frameworks (ISO 27001, NIST CSF, CIS Controls)
  • Skills in IT and security risk management
  • Understanding of regulatory requirements: GDPR, DORA, eIDAS, etc.
  • Ability to draft policies, procedures, standards, and guidelines
  • Ability to coordinate multiple stakeholders (IT, Security, Business teams, HR)
  • Strong ability to produce clear and structured deliverables
  • Knowledge of CSSF constraints is an asset
  • Strong vision and expertise in CyberSecurity processes, especially IT risk analysis
  • Affinity with operational process workflows and their optimisation
  • Strong rigour and attention to detail
  • Proactive mindset and ability to take initiative
  • Strong organisational capabilities
  • Critical thinking and problem‑solving mindset
  • Client‑oriented attitude
  • Creativity, innovation, and ability to resolve complex issues
  • Ability to synthesise and simplify complex information
  • French: read, written, spoken
  • English: read, written, spoken
  • Bachelor’s/Master’s degree (Computer Science, Cybersecurity, Risk Management, Governance, Audit or equivalent)
  • Experience in GRC, cybersecurity, IT risk management, IT audit or compliance

Nice to have:

Certifications appreciated: ISO 27001 Lead Implementer / Auditor, ITIL, CISSP, CISM, CISA

What we offer:
  • Access to our Sopra Steria training and personal development academy
  • A company car lease or mobility budget
  • A company laptop and mobile phone
  • Private health insurance coverage
  • Meal vouchers
  • Social security and pension plan
  • A competitive salary

Additional Information:

Job Posted:
January 29, 2026

Icon
Sopra Steria - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Grc Consultant Risk Management

Digital Resilience and IT Risk Manager

Our COO Functional Risk Management team embedded in the Digital Resilience Area ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in using GRC tools and reporting tools (e.g., PowerBI)
  • A solid track record of achievement and continues development (can be any academic, professional, and/or sport)
  • Strong understanding of risk management frameworks and methodologies
  • Data-driven mindset with experience in data analysis and interpretation
  • excellent analytical and problem-solving skills
  • An organized and methodological approach with strong interpersonal skills
  • Possess a strong sense of curiosity and the ability to think creatively and innovatively
  • 4+ years of experience in Operational, IT, or Information Security (IS) Risk Management, Management Consulting, IT Governance, or a related field
  • Bachelor’s degree or higher in Information Technology, Engineering, Economics, Risk Management, Business Administration, or any related field
Job Responsibility
Job Responsibility
  • Support, coordinate and oversee information Risk Management Lifecycle activities performed by the 1st LoD
  • Actively contributes to identifying improvements and assist in adapting the Risk Management frameworks to address our rapidly evolving risk landscape
  • Coordinate thorough risk assessments to identify, evaluate and mitigate information risks across the organization
  • Ensure adherence to relevant regulatory requirements and internal policies related to information risk management as well as preparing detailed reports and presentations on risk findings, trends and recommendations for senior management and stakeholders
  • Utilize data analytics to support risk assessments, decision-making processes and to drive insights that enhance risk management strategies
  • Work closely with various business units, IT, IS, Risk and compliance teams to ensure alignment and integration of risk management practices
  • Utilize new technologies and feature within our organizational setup to enhance, scale, and optimize existing risk management processes
  • Develop and deliver training programs to enhance awareness and understanding of information risk management across the organization
  • Foster a risk-driven culture and advocate for the benefits of risk management whilst engaging with leadership and functional leads to ensure alignment and support
What we offer
What we offer
  • We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
  • We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
  • From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
  • Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach
  • Fulltime
Read More
Arrow Right

GRC Consultant

Sopra Steria offers tailored, end-to-end corporate technology and software solut...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in the domain
  • extensive experience with information security management systems (ISMS), compliance audits and ensuring security-by-design
  • interest in AI security developments
  • familiarity with IT processes based on e.g. ITIL
  • knowledge of standards and legislations such as ISO2700x, NIS2, GDPR, AI and Cyber Fundamentals
  • experience working in the EU or public sector, navigating complex projects
  • fluency in English, French and/or Dutch
  • certifications such as CISSP, CISA, CISM, CRISC or ISO27001 - Lead Implementor or Lead Auditor, AI risk management (ISO42001) is desirable.
Job Responsibility
Job Responsibility
  • design and develop secure solutions to complex application problems - deliver clients projects end-to-end, interfacing across stakeholders
  • implement hardening controls using CIS benchmark across different system components and applications to reduce attack surface
  • lead risk assessments, identification, analysis, treatment, and monitoring across clients
  • perform BCPs, draft Security Plans and roadmaps, ensure third-party risk management
  • cooperate with key stakeholders such as CISO
  • implement/support DevSecOps processes and security engineering review of code and IT configuration
  • support internal and external audits including audit planning, evidence gathering, gap analysis, and remediation tracking
  • support business development and GRC team in driving NIS2 and AI security initiatives and projects
  • support presale process by drafting and leading relevant offers, RFPs, etc.
What we offer
What we offer
  • extensive career development opportunities, both local and international
  • participation in Sopra Steria Academy
  • dynamic network of 56,000 professionals
  • wide array of offices to explore to find ideal location
  • Fulltime
Read More
Arrow Right

Junior GRC Cybersecurity Consultant

We are seeking an enthusiastic and communicative Junior GRC Cybersecurity Consul...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master/Bachelor's degree in Cybersecurity, Computer Science/IT, Business/Information Management, or related field
  • 1-2 years of experience in information security, risk management or IT
  • Basic understanding of ISMS, Risk Management, and Information Security principles
  • Familiarity with compliance standards and legislations (e.g., ISO27001, NIS2, CyberFundamentals, etc.)
  • Basic knowledge of common security tools and best-practices
  • Strong analytical and problem-solving skills
  • Excellent communication and teamwork abilities
  • Fluency in French and/or Dutch, + English
Job Responsibility
Job Responsibility
  • Assisting in the development and maintenance of cybersecurity policies, standards, processes and procedures based on frameworks like ISO 27001, CyberFundamentals, NIST, etc.
  • Joining security maturity assessments, audits and gap analyses to improve the organization's cyber resilience (e.g. with regards to NIS2)
  • Supporting risk treatment plans, including tracking mitigation actions and following up with the responsible teams
  • Contribute to third-party/vendor risk assessments by reviewing security questionnaires and analyzing risks associated with external partners
  • Assisting in the development and delivery of security awareness training sessions for employees
What we offer
What we offer
  • Extensive career development opportunities
  • Access to the Sopra Steria Academy for continuous learning, including industry-recognized certification paths
  • Opportunity to work on diverse and challenging projects in different industries
  • Collaborative team environment in a major European tech company
  • Competitive salary with an indefinite contract
  • Wide range of benefits
  • Access to Sopra Steria training and personal development academy
  • Friendly work atmosphere
  • Fulltime
Read More
Arrow Right

Cyber Security ITRM Consultant

Responsible for developing, implementing, and maintaining the organisation's IT ...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in IT Risk Management frameworks, threat modelling, and risk scenario planning
  • Strong understanding of regulatory requirements and compliance frameworks
  • Expertise in GRC platforms (ServiceNow GRC, RSA)
  • Proficiency in risk scoring methodologies and control gap analysis
  • 8-12 years experience
  • Education: B.E./ B.Tech./MCA
Job Responsibility
Job Responsibility
  • Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inherent vs. residual risk scoring, and control gap analysis
  • Perform threat modelling and develop detailed risk scenarios for IT infrastructure, applications, and cloud environments
  • Align IT risk practices with industry frameworks and standards (ISO 27005/27001, NIST RMF, PCI DSS, DORA)
  • Evaluate and maintain IT controls and security posture, recommending enhancements where necessary
  • Support internal and external IT audit processes, ensuring timely remediation of findings
  • Work with GRC teams (ServiceNow GRC, RSA) to track and manage risk compliance workflows
  • Prepare and present risk dashboards, KRIs, and management reports to senior leadership
  • Fulltime
Read More
Arrow Right

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments, Data Protection Impact Assessments and to apply Data protection by Design/By default and risk-based approach, perform quality legal compliance analyses and produce good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility
Job Responsibility
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer
What we offer
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Director, GRC, Privacy, & Trust

We’re looking for an experienced security leader to grow and mature the Governan...
Location
Location
United States; Canada
Salary
Salary:
258000.00 - 350000.00 USD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years leading GRC and privacy programs, including experience with international audits, risk management frameworks, and privacy regulations
  • 5+ years experience managing individual contributors as well as experience managing other managers
  • Proven expertise in policy development, risk assessment, compliance monitoring, and privacy program management
  • Passion for fostering psychological safety and stability in complex compliance environments
  • Hands-on experience with various information security and privacy compliance frameworks such as SOC 2 Type II, ISO 27001, FedRAMP, CMMC, GDPR, and CPRA
  • Experience with security and privacy automation tools for compliance monitoring and knowledge management
  • Experience leading company-wide compliance initiatives, securing buy-in for security and privacy policies, and leading cross functional programs
  • Experience partnering on customer contracts, including security addendums and compliance terms, balancing customer expectations and business needs
  • Exceptional written and verbal communication skills with ability to communicate effectively with executives, legal counsel, and stakeholders
  • Experience managing third-party risk, vendor assessments, and external auditors
Job Responsibility
Job Responsibility
  • Lead and mentor the GRC and Privacy Engineering team, fostering career growth and high performance
  • Drive the organization's risk management strategy and oversee the implementation of risk assessment frameworks
  • Develop and maintain information security and privacy policies, ensuring regular reviews and updates
  • Establish strong partnerships across departments to align on security and compliance initiatives
  • Engaging with customers, in partnership with Sales and Legal, to represent security in RFPs, due diligence, and security assessments
  • Oversee 1Password’s various information security and privacy certification processes ensuring compliance with relevant frameworks and regulations
  • Monitor and report on compliance metrics and program effectiveness
  • Partner with legal and security teams to assess and mitigate business, technical, and regulatory risks
  • Oversee relationships with external auditors and consultants
What we offer
What we offer
  • Maternity and parental leave top-up programs
  • Generous PTO policy
  • Four company-wide wellness days
  • Company equity for all full-time employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Employee-led inclusion and belonging programs and ERGs
  • Peer-to-peer recognition through Bonusly
  • Fulltime
Read More
Arrow Right
New

Incident Response, Program Manager

This role will be responsible for execution and program management of Incident R...
Location
Location
United States , Menlo Park
Salary
Salary:
122000.00 - 180000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in program management, consulting, business operations, technical program management, incident management, risk management, compliance management, or other GRC operational discipline
  • 3+ years of experience leading large, technical, cross-functional projects and/or programs
  • 3+ years of direct experience working in corporate privacy incident response or security/privacy compliance functions (e.g., GDPR, CCPA, SOC2)
  • 1+ years work experience collaborating directly with technology product management and engineering teams
  • Set priorities, multi-task and work with autonomy in a rapidly changing workplace environment
  • Bachelor’s degree or higher
Job Responsibility
Job Responsibility
  • Plan and drive cross-functional incident management projects involving Legal, Policy, Communications, Product, and Engineering teams for complex risk incidents across all risk pillars (e.g. privacy, security, integrity, and AI)
  • Implement and execute ongoing management of compliance operations for incident management across privacy and other risk pillars. Ensure processes and controls meet regulatory obligations and internal standards
  • Build and maintain relationships with stakeholders across Legal, Product, and Engineering to drive alignment and prioritization of incident management and compliance activities for assigned cases
  • Translate technical and compliance details into clear, actionable communications for wide-ranging audiences from executives to engineers. Deliver concise updates and recommendations on incident status, compliance posture, and impact to stakeholders and Risk Organization leadership
  • Perform retrospectives to understand the root cause of incidents and support feedback loops to reduce future incidents and improve incident management processes
  • Advise on industry standards related to incident response and risk oversight practices
  • Identify, champion, and implement process improvements to increase the efficiency and effectiveness of incident management and compliance operations
  • Project manage and prioritize work based on urgency and complexity while building operational cadences across technical and operational teams to coordinate work
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy