Senior IT Audit and Information Security Consultant

Full–time

Posted on: 2 days ago

Job Title: GRC Consultant / Senior Consultant

Location: Mumbai

Experience: 2–6 Years

Employment Type: Full-time

Joining: Immediate Joiner Preferred

Role Overview

We are seeking a GRC Consultant / Senior Consultant with experience in IT Audit and Information Security Management Systems (ISMS) to support risk, compliance, and information security engagements. The candidate will assist organizations in implementing governance frameworks, strengthening IT controls, and ensuring compliance with security standards.

Key Responsibilities
  • Perform IT audits and IT General Controls (ITGC) assessments across applications and infrastructure.
  • Support ISMS implementation and audits aligned with ISO 27001 standards.
  • Conduct risk assessments, gap assessments, and control evaluations for clients.
  • Assist in developing and maintaining information security policies, procedures, and documentation.
  • Evaluate IT processes, access management, change management, and security controls.
  • Support compliance initiatives such as ISO 27001, SOC 2, and other regulatory frameworks.
  • Prepare audit reports, risk findings, and remediation recommendations.
  • Coordinate with client stakeholders to gather evidence and support audit and compliance activities.
  • Assist in internal audits, external audits, and certification readiness activities.

Required Skills
  • 2–6 years of experience in IT Audit, GRC, or Information Security.
  • Hands-on experience with ISMS implementation or ISO 27001 audits.
  • Understanding of ITGC controls including access management, change management, and IT operations.
  • Familiarity with risk assessment methodologies and compliance frameworks.
  • Strong documentation, analytical, and reporting skills.
  • Ability to interact effectively with technical and business stakeholders.

Preferred Qualifications
  • Bachelor’s degree in Information Technology, Computer Science, or related field.
  • Certifications such as ISO 27001 Lead Implementer/Lead Auditor, CISA, or similar (preferred).
  • Experience working in consulting, risk advisory, or audit environments.

Key Competencies
  • IT Audit & ITGC
  • ISMS / ISO 27001
  • Risk & Compliance (GRC)
  • Control Assessment & Documentation
  • Stakeholder Communication