In this role, you will be responsible for leading and executing governance, risk, and compliance activities across complex IT and cybersecurity environments. You will work closely with internal stakeholders, clients, and regulatory bodies to ensure cybersecurity programs are aligned with industry standards, compliance requirements, and best practices.
This is a key role for driving cyber resilience, improving risk posture, and enabling secure digital transformation across the organization or client environment.
Key Responsibilities:
Develop, implement, and manage cybersecurity governance frameworks, policies, and procedures.
Conduct risk assessments and provide recommendations to mitigate security risks and improve controls.
Lead compliance programs aligned with regulatory and industry standards (e.g., MAS TRM, PDPA, ISO 27001, NIST, CSA, GDPR).
Support and guide teams in preparing for audits and regulatory inspections.
Work with business and IT teams to integrate security into business processes and project lifecycles.
Maintain risk registers, track remediation activities, and report risk posture to management.
Perform third-party risk assessments, including vendor due diligence and contract reviews.
Stay updated on emerging regulations, threats, and best practices in cybersecurity and data protection.
Provide subject matter expertise and mentorship to junior team members and stakeholders.
Required Qualifications:
Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
Minimum 6-8 years of experience in cybersecurity, with a strong focus on GRC.
Deep understanding of governance frameworks and compliance standards such as:
+ MAS TRM
+ PDPA
+ ISO/IEC 27001/27005
+ NIST Cybersecurity Framework
+ CSA CCM
+ GDPR and other international privacy regulations
Experience conducting risk assessments, managing audit cycles, and policy development.
Strong communication skills to engage and influence cross-functional teams and senior stakeholders.
Proven track record of working with regulatory authorities or clients in regulated industries (e.g., BFSI, healthcare, government).
Preferred Certifications (Nice to Have):
CISSP (Certified Information Systems Security Professional)
CISA (Certified Information Systems Auditor)
CRISC (Certified in Risk and Information Systems Control)
ISO 27001 Lead Auditor / Implementer
CGRC (Certified in Governance, Risk and Compliance, formerly CAP)
Why Join Us:
Opportunity to work with top-tier clients in financial services, government, and enterprise sectors.
Be at the forefront of cybersecurity strategy and transformation in a rapidly evolving landscape.
Collaborative team environment with access to continuous learning and development.