As a Consultant, you would be expected to perform the following activities:

Experience:

• Minimum of 3-5 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy.
• Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust.
• Gathering and documenting business requirements and identifying gaps within existing systems and processes.
• Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.).
• Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust.
• Experience on Privacy Enhancement and Automation tools such as OneTrust.
• Proficient in risk management processes and compliance regulations.
• Proven experience in GRC, particularly within a consulting environment.
• Proficiency with scripting language in implementing API integrations with external system
• Must have development experience in more than 2- 3 projects from scratch to till go-live
• Strong understanding of GRC frameworks such as COBIT, ISO 27001, NIST, etc.
• Strong analytical and problem-solving skills.
• Excellent interpersonal and communication skills, capable of working effectively with clients and team members.

• Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into productionuse.
• Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience.
• Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled duringoperations;
• Utilize GRC tools to automate risk management and compliance monitoring tasks.
• Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients acrossindustries.
• Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make thingshappen.
• Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo.
• Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes.
• Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements.
• Assist in developing GRC governance and operating model for the set up and sustainment of the GRCprogram.