JOB TITLE: IT GRC – MID-LEVEL CONSULTANT
Our client, a leading IT Governance, Risk, and Compliance (GRC) Consulting and Capacity Building firm in Africa with a presence in 9 African countries and accreditation to two global best practice standards (ISO27001 and ISO9001), is looking for an IT GRC- Mid Level Consultant to help high-profile clients in the public and private sectors across Sub-Saharan Africa strengthen their processes and realize the benefits of IT investments.
DUTIES AND RESPONSIBILITIES
- Responsible for verifying through frequent planned evaluations of in-scope technical areas, overall adherence to internal and external IT Standards and Controls.
- Managing policies, control frameworks, processes, and procedures in terms of their planning, design, formulation, and execution.
- Conduct holistic audits, risk and vulnerability assessments, and vulnerability resolution for IT assets.
- Ensure that IT compliance is in line with important goals and initiatives.
- Verify all best practices frameworks and standards, such as ISO 27001, ISO 20000, and ISO 222301, are maintained.
- Business Continuity Plan for Technology (BCP) Coordinator – Disaster Recovery Plan formulation and regular Disaster Recovery and High Availability Tests execution.
Eligible applicants should possess:
- A good Bachelor’s degree in an IT-related discipline
- Masters degree, or equivalent in Business Management, Information Technology Management, Cyber Security etc. or a certification in ISO 27001/22301/20000
- Working knowledge of frameworks standards and regulations, including PCI, ISO 27001/22301/20000, NIST CSF, GDPR, COBIT
- Experience in conduct VAPT would an advantage.
- 3-5 years of experience in an information systems environment, with strong knowledge of IT Governance and Systems Information Security.
- An opportunity to work in-person and remote is applicable.