Experience Required : 2 - 3 years
Location : Andheri, Mumbai
Department : Risk Advisory / Information Security / Cybersecurity
We are seeking a GRC Consultant (Junior) with 2-3 years of experience to support clients in building and enhancing their Governance, Risk, and Compliance (GRC) frameworks. The ideal candidate will work with senior consultants to assist in the execution of risk assessments, compliance audits, policy reviews, and control implementations across various industries.
• Assist in drafting and reviewing IT and information security policies, procedures, and standards.
• Support gap assessments against frameworks such as ISO 27001, SOC 2, GDPR, and PCI-DSS.
• Coordinate audit preparation and evidence collection with client teams.
• Work on the maintenance and continual improvement of Information Security Management Systems (ISMS).
• Participate in IT and cybersecurity risk assessments and update risk registers.
• Support the identification of risks, recommend mitigation actions, and track closure.
• Assist in preparing risk analysis reports and presenting key findings.
• Collaborate with client teams to gather required information and documents.
• Assist senior team members in delivering client reports, presentations, and project documentation.
• Participate in internal and external audit support for compliance assessments.
• Exposure to GRC platforms/tools like Archer, ServiceNow GRC, MetricStream, or equivalents.
• Familiarity with tools used in risk assessments and compliance tracking.
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related fields.
• 2-3 years of experience in GRC, Information Security, IT Compliance, or Risk Management roles.
• Basic to intermediate knowledge of ISO 27001, SOC 2, NIST CSF, or similar frameworks.
• Good understanding of risk assessment methodologies and compliance processes.
• Strong communication, report-writing, and documentation skills.
• Proficiency in MS Office (Excel, Word, PowerPoint).
• ISO 27001 Lead Auditor (Mandatory)
• CISA (Certified Information Systems Auditor) (optional)
• CRISC (Certified in Risk and Information Systems Control) (optional)
• ITIL Foundation (for process understanding)
Location: Powai, Mumbai
Job Type: Full-time, Fully on site
Department : Risk & Compliance / IT Security
Reports To : GRC Head
The GRC Senior Consultant will play a key role in designing, implementing, and managing governance, risk management, and compliance programs across organizations. This position requires deep expertise in regulatory compliance, risk assessment, internal controls, and security frameworks. The consultant will engage with clients to ensure compliance with industry standards, improve risk posture, and integrate GRC best practices into business operations.
• Design and implement GRC frameworks aligned with industry best practices (ISO 27001, NIST, COBIT, PCI-DSS, GDPR, SOC 2, etc.).
• Ensure adherence to regulatory compliance (SOX, HIPAA, GDPR, CCPA, etc.) for clients or internal business units.
• Develop and maintain corporate policies, procedures, and control frameworks to support compliance.
• Conduct gap analysis and develop remediation plans for compliance risks.
• Manage audits and liaise with regulatory bodies and external auditors.
• Perform risk assessments (IT, cybersecurity, operational, third-party) and develop mitigation strategies.
• Implement risk management frameworks like COSO, ISO 31000, and FAIR (Factor Analysis of Information Risk).
• Develop and execute Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP).
• Oversee third-party risk management (vendor assessments, due diligence, contract compliance).
• Assess and enhance IT security controls using frameworks like NIST CSF and CIS Controls.
• Implement Identity and Access Management (IAM), Data Protection, and Incident Response policies.
• Work with cybersecurity teams to ensure security controls are effectively integrated into business processes.
• Drive security awareness programs and conduct training sessions.
• Deploy and manage GRC tools (RSA Archer, ServiceNow GRC, MetricStream, LogicGate, OneTrust).
• Develop and maintain dashboards, reporting systems, and automation scripts for continuous compliance monitoring.
• Lead the adoption of AI/ML-based risk management solutions where applicable.
• Act as a trusted advisor to clients and business stakeholders on risk and compliance matters.
• Work with C-level executives, IT teams, auditors, and legal teams to align GRC strategies with business objectives.
• Conduct workshops, training sessions, and executive briefings on compliance and risk management trends.
• Strong knowledge of GRC frameworks: ISO 27001, NIST, COBIT, SOC 2, GDPR, PCI-DSS, HIPAA.
• Experience in risk assessment methodologies: ISO 31000, COSO ERM, FAIR, etc.
• Expertise in audit processes (internal/external) and regulatory compliance standards.
• Proficiency in GRC platforms (RSA Archer, MetricStream, ServiceNow, OneTrust, etc.).
• Strong understanding of IT security controls, cloud security, and data privacy.
• Ability to design and evaluate BCP, DRP, and incident response strategies.
• Knowledge of third-party risk management and vendor risk assessment.
• Strong analytical and problem-solving abilities.
• Excellent communication and stakeholder management skills.
• Ability to translate regulatory requirements into actionable strategies.
• Experience in project management and cross-functional collaboration.
• Ability to work independently and manage multiple projects simultaneously.
CISSP (Certified Information Systems Security Professional)
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
CRISC (Certified in Risk and Information Systems Control)
ISO 27001, ISO 27701, ISO 22301, ISO 20000-1, ISO 9001, ISO 42001 Lead Auditor & Lead Implementor
CIPP/E or CIPM (Certified Information Privacy Professional/Manager) – for privacy compliance
CPA/CIA (for SOX and financial risk management)
COBIT 5 / COBIT 2019 Foundation
ITIL Foundation
PMP / PRINCE2 (Project Management)
Certified Ethical Hacker (CEH) (for cybersecurity exposure)
• 15+ years of experience in GRC, cybersecurity, risk management, or compliance consulting.
• Hands-on experience in regulatory compliance audits, security assessments, and risk analysis.
• Experience in implementing and managing GRC solutions across industries.
• Prior experience working in Big 4 consulting firms (Deloitte, EY, PwC, KPMG) or in a regulated industry (banking, healthcare, fintech, etc.) is preferred.
• Proven track record in policy development, control assessments, and audit engagements.
• Opportunity to work with top-tier clients across industries.
• Exposure to cutting-edge GRC automation tools and AI-driven risk analytics.
• Collaborative, learning-focused work culture with career growth opportunities.
• Competitive salary and benefits package, including certification sponsorship and upskilling programs.
Interested candidates can apply online or send their updated CV and certifications to sheetal.gupta@eprotect360.com and sonali.kadam@eprotect360.com.
Experience : 3 - 5 Years
Location : Powai, Mumbai
Target based role
ePROTECT 360 Solutions Pvt. Ltd. is a leading provider of Governance, Risk & Compliance (GRC) consulting, Cybersecurity services, Managed Services, Audit & Certification Assistance, and Training solutions. With a global presence across India, GCC, US, and Africa, we empower organizations to strengthen their resilience, manage risks, and stay compliant with international standards.
We are looking for a dynamic and detail-oriented Presales Executive with strong command over the English language. The role involves understanding customer requirements, preparing proposals, participating in product demonstrations, and coordinating between internal teams to support the sales process. The ideal candidate must have excellent verbal and written communication skills.
• Engage with potential clients to understand their business needs and requirements
• Prepare and present product demonstrations, proposals, and technical documentation
• Collaborate with the sales team to develop solutions tailored to client requirements
• Support RFP/RFQ responses and create high-quality presentations and sales collateral
• Conduct market and competitor research to support sales initiatives
• Handle client queries professionally and ensure timely follow-ups
• 3 – 5 years of experience in Presales or a related customer-facing role
• Excellent command over English — both verbal and written communication is mandatory
• Strong presentation and interpersonal skills.
• Ability to craft tailored messages and value propositions for senior decision-makers.
• Ability to understand and translate customer requirements into business solutions
• Proficiency in MS Office tools (Word, PowerPoint, Excel)
• Ability to work under deadlines and handle multiple tasks
• Bachelor’s degree in Business, Marketing, IT, or a related field
• Opportunity to work with a leading cybersecurity & compliance solutions provider with global reach.
• Exposure to international markets (India, GCC, US, and Africa).
• Collaborative work culture with growth opportunities.