Cyber GRC Professional – Chennai – 3 to 8 Years Experience
Job Description
We’re looking for an experienced Cyber GRC Professional to join our dynamic team and take on the role of safeguarding governance, risk, compliance, and data protection initiatives across multiple industries. If you have a passion for cybersecurity, data privacy, and frameworks like ISO 31000/27001/27002, EU-GDPR, NIST, and more, we want to hear from you! You’ll be working closely with diverse clients to drive risk management solutions, ensure data security, and support regulatory compliance.
Responsibilities:
- Perform risk assessments and develop comprehensive cybersecurity strategies
- Lead data protection programs and initiatives aligned with GDPR, ISO, and NIST frameworks
- Design and implement Information Security Management Systems (ISMS)
- Conduct Business Impact Analysis (BIA), Disaster Recovery (DR), and Third-Party Risk Management (TPRM)
- Oversee the management of data classification, privacy impact assessments (DPIAs), and Records of Processing Activities (RoPAs)
- Work closely with clients to provide consultancy on compliance and security risk management
Job Requirements
• 3+ years of hands-on experience in Cybersecurity GRC
• Strong understanding of frameworks such as ISO 31000, ISO 27001, NIST, EU-GDPR
• Familiarity with risk management strategies, including BIA, TPRM, and ORM/ERM
• Expertise in data protection and privacy regulations
• Ability to design and implement ISMS
• Relevant certifications (CISM, CIPM, ISO Lead Implementer) are highly preferred
• Excellent communication skills, with a proven ability to consult clients on complex cybersecurity and privacy matters
Preferred Qualifications
• Bachelor’s degree or equivalent in Information Security, Cybersecurity, Information Technology, or a related field
• Project management credentials are a plus
• Immediate availability (up to 2 weeks) preferred
• Interested? If you're ready to make an impact, share your resume
About the Company
EY is a global leader in assurance, tax, strategy, and consulting services, helping clients navigate complex challenges and transforming the cybersecurity landscape. With a strong focus on governance, risk, and compliance, we work with organizations across the globe to build secure, resilient, and compliant infrastructures. Join us to make a real impact in the ever-evolving world of cybersecurity and data privacy.
