Governance, Risk, and Compliance (GRC) SME - Senior Consultant

Infosys Consulting is a globally renowned management consulting firm recognized as one of the UK’s top firms by the Financial Times and Forbes. It operates within a mid-size, entrepreneurial environment supported by its parent organization Infosys, a top-5 IT brand. The Tech Transformation practice helps CIOs address challenges such as cybersecurity, digital transformation, and IT governance, leveraging a team of business analysts, enterprise architects, and cybersecurity specialists.

• Relevant undergraduate or postgraduate degree in Infosec, Cyber Security, or IT Security.
• 1-5+ years of experience in cybersecurity or information security.
• Broad business skill set including stakeholder management, problem-solving, and resilience.
• Experience in gathering, validating, synthesizing, documenting, and communicating data for various audiences.
• Excellent interpersonal and strong written and verbal communication skills in the country’s official language(s) and English (C2 proficiency).
• Willingness to travel for projects.

Diverse security experience may include:

• Understanding of NIST CSF.
• Postgraduate degree in cyber/information security.
• Knowledge of ISO27001, NIS2, SOX, GDPR, DORA.
• Cyber Due Diligence Assessments.
• Third-Party & Supply Chain Cyber Risk Management.
• Incident Response Plan review.
• Supporting bids, RFP responses, and proposals.
• Crisis Management Exercises (CMX).
• Certifications such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM.
• Designing Target Operating Models (TOMs) and RACI Matrices.
• Designing Cyber Security Roadmaps.
• Supporting Post Incident Reviews.
• Reading and summarizing Cyber Threat Intelligence reports.
• Cyber security compliance programs.
• Cyber Security Risk or Maturity Assessments.
• Designing and delivering awareness training.
• Experience with Identity and Access Management and Privileged Access Management projects.

Ideal candidate skills:

• Ability to balance technical and commercial considerations.
• Ability to build strong business relationships at all levels.
• Ability to support and oversee less experienced staff.
• Ability to explain complex cyber methodologies in accessible non-technical language.

• Work on global projects with a global team supported by over 330,000 technical staff.
• Contribute to the development of consulting go-to-market offerings and innovative solutions for C-Suite executives to understand and mitigate cyber risks.
• Direct and lead NIST CSF risk assessments.
• Oversee the design of innovative new services incorporating AI and ML where valuable.
• Support presales, sales, and account management pursuits as a subject matter expert.