Job Title

Job Title: GRC Deputy Manager/ManagerLocation: ChennaiExperience: Minimum 4 yearsShift: Regular business hours (as per company policy)Role OverviewWe are seeking a GRC Consultant / Senior Consultant with strong experience in ISMS, ISO 27001, and Third-Party Risk Management (TPRM). The ideal candidate will support governance, risk, and compliance initiatives, conduct assessments, and help clients strengthen their security posture.Key Responsibilities- Conduct ISO 27001 gap assessments, internal audits, and support ISMS implementation and maintenance. - Perform TPRM assessments, evaluate vendor risks, review security documentation, and recommend remediation actions. - Support the development and review of security policies, procedures, SOPs, and risk registers. - Conduct risk assessments and assist in designing risk treatment plans. - Coordinate with stakeholders and clients to gather evidence, track compliance status, and close audit findings. - Assist in preparing audit reports, dashboards, and compliance documentation. - Stay updated with global security standards, industry best practices, and emerging regulatory requirements. - Collaborate with cross-functional teams (IT, Security, Operations, Legal, Procurement) to ensure alignment with GRC practices.Required Skills & Experience- Minimum 2 years of experience in GRC, ISMS, ISO 27001, and TPRM. - Practical exposure to ISO 27001:2022 implementation or audits. - Strong understanding of risk assessment methodologies, security controls, and compliance frameworks. - Experience in vendor due diligence, security questionnaires, and TPRM workflows. - Good knowledge of security governance processes and documentation management. - Excellent communication, stakeholder management, and reporting skills.Preferred Qualifications- ISO 27001 LA/LI certification (preferred). - Experience working with GRC tools (ServiceNow, Archer, OneTrust, etc.) is an advantage. - Ability to work independently and meet project timelines.