FIND_THE_RIGHTJOB.
Senior Consultant - ISMS/GRC
JOB_REQUIREMENTS
Hires in
Not specified
Employment Type
Not specified
Company Location
Not specified
Salary
Not specified
We are seeking a highly experienced Senior Consultant with strong expertise in Information Security Management Systems (ISMS) and IT Governance, Risk, and Compliance (IT GRC). The ideal candidate should have a proven track record of implementing and auditing ISO 27001, developing and designing IT GRC frameworks based on COBIT, NIST, and conducting risk assessments to ensure compliance with industry standards and regulations, like GDPR, SAMA, NESA, NCA, PDPL etc.
Job Description:
ISMS Responsibilities:
- Lead the implementation, management, and auditing of ISO 27001-based Information Security Management Systems (ISMS).
- Perform gap assessments to identify areas of non-compliance and develop corrective action plans.
- Conduct risk assessments and ensure risk mitigation strategies are aligned with business objectives.
- Develop and refine ISMS policies, procedures, and controls in compliance with ISO 27001 and other relevant standards.
- Support clients in achieving and maintaining ISO 27001 certification, including audit readiness.
- Provide guidance on security incident management and business continuity planning.
IT GRC Responsibilities:
- Develop and implement IT governance frameworks based on COBIT, NIST, and other best practices.
- Conduct IT risk assessments and define risk treatment plans.
- Ensure compliance with regulatory requirements such as GDPR, NIST, GDPR, and local cybersecurity regulations.
- Design and implement IT compliance and risk management programs, policies, and controls.
- Provide advisory services on third-party/vendor risk management.
- Assist organizations in aligning IT strategy with business objectives through effective governance practices.
Requirements
- Master’s or Bachelor’s degree in Information Security, Computer Science, or IT-related field.
- Certifications (preferred): ISO 27001 Lead Implementer / Lead Auditor, CISM, CRISC, CISSP, CISA, or COBIT 2019 Foundation.
- Experience: Minimum 6–8 years of experience in ISMS and IT GRC consulting, implementation, or auditing.
- Hands-on experience in conducting ISO 27001 gap assessments, risk assessments, and audits.
- Strong practical knowledge of IT governance frameworks (COBIT, NIST, ITIL, etc.).
- Experience in handling regulatory compliance requirements such as GDPR, NIST, and PCI-DSS.
- Excellent report writing, communication, and stakeholder management skills.
Similar jobs
Senior Executive Planning (Pharma Industry)
R.A.& Co.
Karachi, Pakistan
about 8 hours ago
Senior Consultant - Application Development
Systems Limited
Karachi, Pakistan
about 8 hours ago
Jr. Consultant / Consultant- ENT (Full Time)
Patel Hospital, Gulshan-e-Iqbal, Karachi.
Karachi, Pakistan
about 10 hours ago
Senior Delivery Consultant
McKinsey & Company
Karachi, Pakistan
6 days ago
Senior Consultant
Systems Limited
Karachi, Pakistan
6 days ago
MENA Tax Delivery - Global Compliance & Reporting (GCR), Consultant/Senior Consultant
EY in Pakistan
Karachi, Pakistan
6 days ago
Consultant Forensics & Integrity Services, Rapid Innovation, Karachi, Pakistan
EY
Karachi, Pakistan
6 days ago
© 2025 Qureos. All rights reserved.