We are seeking an accomplished GRC Solution Lead with a robust background in auditing, process development, and compliance assessments. This role demands deep expertise in global compliance frameworks, including ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, and more. The ideal candidate will play a critical role in designing, presenting, and delivering bespoke GRC solutions to an international clientele. This leadership position requires a blend of advanced technical knowledge, exceptional pre-sales capabilities, and a proven ability to drive successful client engagements.

Key Responsibilities

Solution Development
4. Craft customized GRC solutions aligned with global compliance frameworks such as ISO 27001, SOC 2, PCI DSS, HIPAA, and GDPR.
5. Develop process documentation, control frameworks, and implementation roadmaps suited to diverse industries and regulatory landscapes.
6. Drive innovation in solution offerings by staying abreast of industry trends, emerging regulations, and best practices.

Audit and Assessment Expertise
7. Lead client engagements for audits, readiness assessments, and gap analyses for compliance certifications and frameworks.
8. Provide hands-on support in implementing and operationalizing controls to achieve compliance requirements.
9. Assist organizations in building comprehensive risk management frameworks and governance structures.

Team and Stakeholder Management
10. Work closely with internal delivery and technical teams to ensure a seamless transition from pre-sales to implementation.
11. Lead and mentor junior team members, promoting skill development and knowledge sharing within the GRC practice.
12. Cultivate and maintain relationships with clients, regulatory bodies, and other key stakeholders to ensure high levels of satisfaction and trust.

Qualifications and Experience

Education and Certifications

Bachelor's degree in Computer Science, Information Security, or a related field (Master’s degree or MBA preferred). Certifications such as CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer are highly valued.

Experience

Minimum of 15 years of experience in cybersecurity, with a strong focus on Governance, Risk, and Compliance (GRC). Extensive experience managing compliance programs and audits across multiple geographies and industries. Expertise in frameworks like ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, and other regulatory standards. Hands-on experience in audit readiness, process design, control implementation, and compliance reporting.

Key Skills and Competencies

Technical Expertise Profound knowledge of GRC frameworks, risk management methodologies, and control implementation. Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or similar platforms. Consultative Selling Proven ability to translate technical solutions into business value propositions. Experience in drafting RFP responses, solution blueprints, and client-facing documentation. Project Management Skilled in managing complex GRC projects, ensuring timely delivery and alignment with stakeholder expectations. Adept at coordinating cross-functional teams in diverse environments. Communication and Leadership Exceptional interpersonal, presentation, and negotiation skills. Demonstrated ability to lead and mentor teams while fostering a culture of collaboration and innovation.