Consultant - IT Governance, Risk and Compliance
Key Responsibilities
Ensure timely execution of internal controls, as well as the completion of IT risk and data privacy assessments.
Identify corrective actions and monitor remediation efforts to resolve internal control issues and open risks promptly.
Collaborate with internal and external auditors to ensure compliance with audit and cybersecurity requirements.
Contribute to the development of IT GRC standards, with a focus on data privacy and cybersecurity.
Recommend improvements to existing processes and internal controls to safeguard company assets.
Qualifications and Skills:
Bachelor's degree in Information Technology, Cybersecurity, or a related field.
Minimum 5 years of professional experience in IT GRC, Cybersecurity, or IT Audit.
Professional certifications such as CISA, CISM, and/or CISSP will be an added advantage.
Experience with Sarbanes-Oxley compliance (SOX) and/or Information Technology General Controls (ITGC), including control execution, testing, documentation, and remediation.
Excellent working knowledge of NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), ISO/IEC 27001, and GDPR compliance.
Broad, high-level understanding of IT systems and infrastructure, including networking, servers, hardware, databases, and cloud applications (SaaS/PaaS/IaaS).
Exceptional attention to detail with a commitment to excellence.
Ability to manage multiple tasks/projects and prioritize effectively.
Excellent verbal and written communication skills, with the ability to engage effectively with management.
Collaborative team player with a proven ability to work effectively with others.