Information Security Consultant

Title : Information Security Consultant (5-15 Years Experience)

Position: GRC Consultant

Experience Required: 5-15 Years

Location: Hyderabad

Employment Type: Full-time

About the Role

We are looking for a skilled and proactive Governance, Risk & Compliance (GRC) Consultant with 5-15 years of hands-on experience in implementing and managing international cybersecurity and data protection standards. The ideal candidate will have strong exposure to GDPR, ISO 27001, ISO 42001, SOC 2 Type II, and enterprise risk management practices.

Key Responsibilities

• Conduct GRC assessments, maturity reviews, and compliance gap analysis across various international standards and regulations.
• Implement and maintain governance frameworks including ISO 27001 ISMS, ISO 42001 AI Management System, SOC 2 Type II controls, GDPR compliance, and other global standards.
• Develop and review policies, procedures, standards, and guidelines covering security, privacy, and risk management.
• Perform risk assessments, create risk registers, track mitigation plans, and support risk treatment strategies.
• Lead stakeholder workshops, awareness sessions, and compliance training programs.
• Support clients through certification audits, internal audits, and external assessor engagements.
• Prepare compliance reports, audit documentation, evidence collection, and dashboard presentations.
• Monitor regulatory updates and evolving best practices for continuous improvement.
• Collaborate with technical teams, legal teams, and management to ensure alignment of security and compliance goals.

Required Skills & Qualifications

• 5–15 years of relevant experience in GRC, cyber security compliance, or information security consulting.
• Practical knowledge of:
• GDPR compliance requirements
• ISO 27001:2022 Information Security Management System
• ISO 42001 Artificial Intelligence Management System
• SOC 2 Type II Trust Services Criteria (Security, Availability, Confidentiality, etc.)
• Hands-on experience in policy creation, risk management, audit readiness, evidence collection, and compliance reporting.
• Strong understanding of IT general controls (ITGC), data protection principles, and security governance.
• Ability to draft professional documentation clearly and concisely.
• Good communication, presentation, and stakeholder management skills.

Preferred Qualifications (Added Advantage)

• Experience with NIST CSF, ISO 27701, PCI DSS, or local privacy regulations (PDPL, DPDPA, etc.).
• Prior experience working with GRC tools (OneTrust, ServiceNow GRC, Archer, or similar).
• Relevant certifications: ISO 27001 Lead Implementer/Auditor, CISA, CISM, CRISC, CDPSE, ISO 42001 Implementer/Auditor.

Job Location : Hyderabad

Job Type : In Office - Full time

Organization : Cyber Mindsets Pvt. Ltd.

Address :- Prakash nagar, Begumpet, Hyderabad - 500016

Job Types: Full-time, Permanent

Pay: ₹1,000,000.00 - ₹1,500,000.00 per year

Benefits:

• Cell phone reimbursement
• Internet reimbursement

Application Question(s):

• Why do you want to join a cyber security start-up?
• Are you a Immediate Joiner?
• Are you available for F2F interview in Hyderabad?
• Can you implement GRC compliance like ISO42000/27001 independently ?

Willingness to travel:

• 75% (Required)

Work Location: In person