We are looking for a talented and seasoned Cybersecurity Governance, Risk, and Compliance (GRC) Team Lead with over two years of experience managing a GRC team, alongside three or more years of hands-on experience in cybersecurity governance, risk management, and compliance. As the GRC Team Lead, you will oversee and guide the development and implementation of cybersecurity frameworks, policies, and controls, ensuring the team’s work aligns with regulatory standards and mitigates security risks effectively. This role requires strategic thinking, strong leadership, and expertise in security governance to ensure compliance and drive continuous improvement across our projects.

Responsibilities:

• Lead the development and implementation of cybersecurity governance frameworks, policies, and procedures in line with industry standards and best practices.
• Manage and support the GRC team in conducting risk assessments and gap analyses to identify security vulnerabilities and develop effective mitigation strategies.
• Collaborate with cross-functional teams to ensure the successful implementation of security controls and measures.
• Provide strategic guidance on regulatory compliance requirements, including GDPR, HIPAA, PCI DSS, and ISO 27001.
• Oversee and lead internal and external cybersecurity audits, assessments, and compliance reviews.
• Stay current with emerging cybersecurity threats, trends, and regulatory changes to proactively manage security risks.
• Serve as a subject matter expert in GRC, providing training, mentorship, and guidance to team members and junior consultants.
• Build and maintain strong relationships with clients, stakeholders, and regulatory authorities to ensure ongoing compliance and alignment with industry standards.
  
  

• Bachelor's degree in Computer Science, Information Security, or a related field; Master’s degree is preferred.
• Minimum of two years of experience as a GRC Team Lead, with at least three years in GRC-related roles.
• Professional certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.
• Strong knowledge of cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Controls, and COBIT.
• Proven experience in conducting risk assessments, gap analyses, and security audits.
• Exceptional analytical and problem-solving skills, with the ability to translate complex regulatory requirements into actionable strategies.
• Excellent leadership and communication skills, capable of effectively collaborating with internal teams and clearly conveying technical concepts to non-technical stakeholders.
• Demonstrated success in managing and delivering cybersecurity projects from start to finish, with a track record of building and leading high-performance teams.