Full-remote Governance, Risk & Compliance (GRC) Consultant

• Assess clients' cybersecurity governance, risk, and compliance posture, being able to identify gaps and provide actionable recommendations;
• Conduct risk assessments, identifying vulnerabilities, and recommending mitigation strategies, assisting clients in internal and external audits by ensuring robust documentation and explanations;
• Help clients develop and update information security policies and procedures, preparing reports and presentations outlining findings, recommendations, and compliance status;
• Plan and lead national and international cybersecurity projects, managing risks, and ensuring operational control, having a collaborative mindset to work with different teams.

• Academic background in Computer Engineering, Science or similar areas;
• Minimum 03 years of experience in GRC;
• Solid understanding and practical experience with at least one major information security framework (e.g., ISO 27001, NIST CSF, COBIT);
• Strong analytical and problem-solving skills with the ability to interpret complex technical and regulatory requirements;
• Relevant certifications such as CRISC, CISM, CISA, ISO 27001 Implementer/Auditor, CISPP, ISO9001, GDPR or similar, will be a plus;
• Fluency both in Portuguese and English.

ITJobs