CrawlJobs Logo

Senior GRC Consultant

nttdata.com Logo

NTT DATA

Location Icon

Location:
United Kingdom , London

Category Icon
Category:
Consulting

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Information Security Analyst will be responsible for maintaining and enhancing the organization's information security measures. This role requires significant experience in Information Security and Governance Risk Compliance (GRC), with a strong understanding of risk management methodologies and international security standards. The candidate must be proficient in English and German, with the ability to analyze risks and prepare reports. The position offers opportunities for professional growth within a leading technology services company.

Job Responsibility:

  • Maintain the Information Security Management System (ISMS) in accordance with ISO 27001
  • Conduct audit against Telecommunications Security Act (TSA) and other applicable local and regional compliance standards
  • Analyze and evaluate internal projects to identify risks and define appropriate compensatory measures
  • Prepare and present reports on information security including areas for improvement
  • Manage and update content for the information security awareness platform for employees and key suppliers, ensuring up-to-date training on information and cybersecurity best practices
  • Research and recommend security enhancements and improvements.

Requirements:

  • Significant experience in Information Security and GRC
  • Strong understanding of risk management methodologies and international security standards (e.g., ISO 27001, US NIST, TSA, etc.) and the ability to assess risks, identify vulnerabilities, etc.
  • Familiarity with data privacy legislation such as EU GDPR
  • Experience maintaining and auditing Information Security Management Systems (ISMS) in line with ISO 27001
  • Customer service-oriented with the ability to build strong relationships with internal stakeholders
  • Analytical and creative thinking skills, with the ability to identify pragmatic solutions
  • The ability to organize the daily work schedule and delegate where necessary
  • Strong verbal and written proficiency in English and German.
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options.

Additional Information:

Job Posted:
March 19, 2026

Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior GRC Consultant

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments, Data Protection Impact Assessments and to apply Data protection by Design/By default and risk-based approach, perform quality legal compliance analyses and produce good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility
Job Responsibility
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer
What we offer
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings
Read More
Arrow Right

Cyber Security ITRM Consultant

Responsible for developing, implementing, and maintaining the organisation's IT ...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in IT Risk Management frameworks, threat modelling, and risk scenario planning
  • Strong understanding of regulatory requirements and compliance frameworks
  • Expertise in GRC platforms (ServiceNow GRC, RSA)
  • Proficiency in risk scoring methodologies and control gap analysis
  • 8-12 years experience
  • Education: B.E./ B.Tech./MCA
Job Responsibility
Job Responsibility
  • Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inherent vs. residual risk scoring, and control gap analysis
  • Perform threat modelling and develop detailed risk scenarios for IT infrastructure, applications, and cloud environments
  • Align IT risk practices with industry frameworks and standards (ISO 27005/27001, NIST RMF, PCI DSS, DORA)
  • Evaluate and maintain IT controls and security posture, recommending enhancements where necessary
  • Support internal and external IT audit processes, ensuring timely remediation of findings
  • Work with GRC teams (ServiceNow GRC, RSA) to track and manage risk compliance workflows
  • Prepare and present risk dashboards, KRIs, and management reports to senior leadership
  • Fulltime
Read More
Arrow Right

Senior Associate Security Consultant (GRC)

The Senior Associate Security Consultant is responsible for developing expertise...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field
  • Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential
  • Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment
  • Moderate level of experience with security architecture design principles
  • Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others
  • Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others
  • Strong interest in cybersecurity and a desire to learn and grow in the field
  • Knowledge of basic cybersecurity concepts, principles, and best practices
  • Familiarity with common security tools and technologies is a plus
  • Excellent analytical and problem-solving skills
Job Responsibility
Job Responsibility
  • Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems
  • Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies
  • Prepares and maintains documentation, including security assessment reports, findings, and recommendations
  • Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies
  • Learns and uses various security tools and technologies for assessments and monitoring
  • Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices
  • Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements
  • Communicates effectively with clients to understand their security needs and concerns
  • Participates in training programs and certifications to develop expertise in cybersecurity
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

As a Senior Security Technical Architect at NTT DATA, you will design complex se...
Location
Location
Philippines , Metro Manila
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Possess at least 8 years of working experience related to information security consulting with a minimum of 5 years of hands-on experiences on GRC practice areas
  • Required degree level education, or significant experience and track record with tertiary qualifications on relevant domains, including computer science, computer engineering and information security
  • Information security and audit certifications such as ISO 27001 LI, ISO 27001 LA, CISA, CRISC, CISSP
  • Experienced in supporting consulting pre-sales work (e.g. writing SoWs, proposals etc.)
  • Demonstrate excellent skills in structured problem solving techniques, creativity and intelligence in the development of solutions to customer problems
  • Be self-motivated and self-disciplined with a demonstrable and successful track record in delivering consultancy projects to all sizes of organizations
  • Must have good presentation skills with the ability to present to audiences of both business and IT stakeholders
  • Must have good written communication and report writing skills
  • Must be a good team player
  • Demonstrates commitment to delivering projects within time and in budget and to a high level of client satisfaction
Job Responsibility
Job Responsibility
  • Deliver and lead GRC (Governance, Risk and Compliance) security consulting projects covering the following key areas: ISMS (ISO27001) Advisory
  • Security Maturity/Posture Assessments
  • Third party security assessments
  • Cloud Security posture assessments
  • Risk assessments
  • PCI DSS Gap Analysis
  • Security compliance assessments
  • Information security framework design (policies, processes and procedures)
  • Support security consulting pre-sales work (e.g. writing SoWs, proposals etc.)
  • Be flexible to acquire new skills and show willingness in learning/re-learning and un-learning things as needed for the success of this role and the overall security consulting practice
  • Fulltime
Read More
Arrow Right

Senior RSA Archer GRC Consultant – Enterprise / Government Projects

Location
Location
United States , Austin
Salary
Salary:
Not provided
dutechsystems.com Logo
Dutech Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Archer Certified Professional (ACP) OR Level 3 Archer Certified Administrator – Expert Certification
  • Expert-level knowledge of RSA Archer platform architecture, data model, configuration, and workflow design
  • Strong understanding of GRC processes, risk management, compliance frameworks, and security control assurance
  • Experience integrating Archer with enterprise platforms via REST APIs and web services
  • Proficiency in JavaScript and jQuery for client-side customization
  • Ability to translate complex business requirements into scalable technical solutions
  • Strong documentation, communication, and stakeholder engagement skills
  • Experience working in structured, change-controlled enterprise environments
  • Ability to work independently on complex technical implementations
Read More
Arrow Right

Security Consultant GRC

The Security Consultant (GRC) role involves leveraging expertise in Governance, ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years' varied experience in information security, data protection, risk management, enterprise IT, legal or (relevant) compliance roles
  • Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIOT compliance
  • Hands-on experience building credibility with external stakeholders, including enterprise clients, critical system vendors, certification auditors and regulatory bodies
  • Proven leadership skills with the ability to guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar GRC, security, or risk management role
  • A hands-on approach with the ability to balance strategic oversight with direct involvement in security tasks
  • Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders
  • The ability to explain complex topics to a diverse range of audiences
  • Strong attention to detail and the ability to deliver high quality work
  • A valid right to work in the UK
  • Eligible to obtain UK SC clearance
Job Responsibility
Job Responsibility
  • Governance: directs, oversee, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level
  • Policy and Procedure Management: directs, develops or maintains organisational cyber and information security policies, standards and processes, using recognised standards (e.g. the ISO/ IEC 27000 family, NIST CSF) where appropriate
  • Risk Management: develops cyber and information security risk management strategies and controls, considering business needs, balancing technical, physical, procedural and personnel controls
  • Data Privacy: directs, oversee, designs, implements, contributes to, or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls to manage the protection of personal data, privacy and human rights
  • Internal Controls Oversight: Establish and monitor internal controls to safeguard data and assets, conducting regular reviews and audits
  • Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities
  • Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture
What we offer
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
Read More
Arrow Right
New

Senior Information Assurance Consultant

Senior Information Assurance Consultant (Projects & Emerging Technology) £65,365...
Location
Location
United Kingdom , Oxfordshire
Salary
Salary:
65365.00 GBP / Year
datacareers.co.uk Logo
DataCareers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in Information Assurance, IT Risk or GRC within a regulated environment
  • Experience of working across full project lifecycles
  • Comfortable operating with a high degree of autonomy
  • Ability to manage own workload and work directly with stakeholders across technical and non-technical teams
  • Pragmatic, solutions-focused approach
Job Responsibility
Job Responsibility
  • Leading Information Assurance activity across complex ICT projects and programmes
  • Supporting system accreditation and ensuring alignment with national and local standards
  • Assessing and articulating risk across modern technology environments, including SaaS and cloud
  • Embedding 'secure by design' principles into delivery lifecycles
  • Producing and reviewing key security documentation, including risk assessments and design artefacts
  • Advising stakeholders on appropriate, proportionate and practical controls
  • Supporting the development of IA standards, policies and approaches
  • Providing guidance and informal mentoring to other team members
  • Engaging confidently with stakeholders across technical teams, business areas and suppliers
  • Fulltime
Read More
Arrow Right