GRC Consultant

We are seeking a driven and knowledgeable GRC to join our GRC team. In this role, you will guide customers through complex compliance processes, ensuring their success and building trust in their organizations. Your mission is to provide exceptional support, drive product improvements based on feedback, and contribute to Scytale's growth by delivering top-tier compliance solutions. Job requirements Experience: ○ At least 2 years in Technology Risk, Compliance, GRC, CISO, or a similar position. ○ Extensive experience managing compliance projects and audits (e.g., SOC 2, ISO 27001). ○ Background in answering security questionnaires. Skills: ○ Proficiency in managing multiple projects and meeting deadlines using tech tools. ○ Excellent verbal and written communication abilities. ○ Strong self-starter with a solution-focused and positive attitude. Education and Certifications: ○ Bachelor's degree in Engineering, Information Systems, Computer Science, Law, Accounting, or Business (advantageous). ○ Information Security certifications such as CISSP, CISA, CISM, CCSK, or ISO 27001 Lead Implementer (advantageous). Job responsibilities Compliance Consulting: ○ Prepare SaaS companies for security audits such as SOC 2 and ISO 27001, including assessment, preparation, and audit management. ○ Assist customers with filling out vendor security questionnaires and creating policies, procedures, and risk assessments using our product. ○ Advise customers on best practices and evolving security regulations. GRC: ○ Establish and maintain long-term relationships with clients by ensuring their compliance needs are met. ○ Provide hands-on support throughout their compliance journey. Collaboration and Feedback: ○ Coordinate activities across multiple teams and integration points, ensuring seamless execution. ○ Drive product improvements by incorporating market feedback and customer needs. Communication: ○ Clearly articulate compliance concepts and Scytale's value proposition to clients. ○ Write and present well-structured documentation and processes.