Role Description

We are seeking an experienced Senior/Lead Consultant specialising in IT Governance, Risk, and Compliance (GRC) to join our team. In this hybrid role, you will manage and oversee IT GRC activities, ensuring alignment with industry standards and regulatory requirements. Your expertise will contribute to building secure, compliant, and resilient IT systems.

Key Responsibilities:

1. Governance, Risk, and Compliance:

• Conduct comprehensive risk assessments and identify potential vulnerabilities.
• Develop and implement IT policies, procedures, and risk mitigation strategies.
• Provide expert guidance on regulatory compliance and industry best practices.

2. Project Lifecycle Involvement:

• Interpret and define security requirements for IT systems.
• Design and implement robust system security architectures.
• Evaluate risks from deviations and non-compliance issues, recommending solutions.
• Support security acceptance testing and continuous security assessments.

The Candidate shall possess the following professional qualification and experience:

a. minimum six (6) years of experience in designing, implementing and testing system security architecture of similar scale; OR

b. minimum two (2) years of experience in designing, implementing and testing system security architecture of similar scale – plus having attained at least one (1) of the following:

i. Information Security Masters degree from U.S. National Centres of Academic Excellence in Cyber Defence (NSA/DHS CAE) or those certified by U.K. National Cyber Security Centre (GCHQ’s NCSC); or

ii. CREST Registered Technical Security Architect (CRTSA); or

iii. Information Systems Security Architecture Professional (CISSP-ISSAP).

Minimum Qualifications

• Strong knowledge of IT governance, risk management, and compliance frameworks
• Experience in conducting risk assessments and developing risk mitigation strategies
• Experience in Network and System Security Engineering and Enterprise Security Architectural Design
• Familiar with relevant regulatory requirements and industry standards
• Excellent problem-solving and analytical skills
• Strong communication and interpersonal skills
• Ability to work independently and collaboratively in teams
• Certifications such as CISSP and CRISC are highly preferred
• Minimum of 5 years of experience in IT governance, risk, and compliance roles
• Bachelor's or master's degree in IT, Computer Science, or a related field
• Security clearance (CAT 1 or 2) required for government project