Matayo AI Solutions Pvt Ltd (Matayo 360° GRC Service Division) is looking for a passionate GRC Consultant to join our fast-growing compliance advisory team.
If you live and breathe ISO 27001, can think like an auditor, and love solving risk management puzzles, we want to meet you!
Position: GRC Consultant
Location: Hybrid (Bangalore / Remote, India)
Experience: 1–2 years in GRC / ISO 27001 implementation
Qualification: ISO 27001 Lead Implementer or Lead Auditor (mandatory)
Key Skills Required:
Hands-on experience in implementing and auditing ISO/IEC 27001:2022
Familiarity with ISO 31000 risk management principles
Understanding of Annex A controls and the Statement of Applicability (SoA)
Experience conducting internal audits, risk assessments, and gap analyses
Documentation skills: policies, procedures, risk registers, audit checklists
Exposure to SOC 2 readiness, GDPR, or DPDPA (added advantage)
Excellent written and verbal communication skills
Roles & Responsibilities:
1️⃣ Governance & Compliance
Assist clients in implementing an ISO 27001:2022 ISMS framework, including defining scope, policy documentation, control implementation, and management review.
Conduct gap assessments and prepare the SoA and Risk Treatment Plans.
Align controls with frameworks such as SOC 2, PCI DSS, HIPAA, and GDPR as needed.
2️⃣ Risk Management
Perform risk identification, analysis, and evaluation in line with ISO 31000.
Develop and maintain the Risk Register using impact–likelihood matrices.
Recommend and track risk treatment plans and mitigation actions.
3️⃣ Internal Audit & Assurance
Plan and execute internal audits based on ISO 27001:2022 Annex A controls.
Collect and review evidence from business, IT, and HR departments.
Prepare audit reports, NC (nonconformity) logs, and CAPA (corrective action) tracking.
Support clients in external certification audits with certification bodies (CBs).
4️⃣ Documentation & Reporting
Draft and maintain compliance documents: ISMS Manual, policies, procedures, Risk Register, SoA, and audit checklists.
Prepare MIS dashboards, compliance status reports, and management review summaries.
5️⃣ Client Engagement & Delivery
Support end-to-end GRC project execution, from scoping to closure.
Coordinate with cross-functional teams and external auditors.
Deliver presentations and training to clients on ISMS and risk management concepts.
Project Exposure:
Should have successfully executed at least two (2) complete ISO 27001 or integrated GRC implementation projects (from gap assessment to certification stage).
Soft Skills:
Strong analytical, problem-solving, and documentation capabilities
Ability to manage multiple client projects simultaneously
High integrity, confidentiality, and attention to detail
Career Path:
Growth into a Senior GRC Consultant / vCISO track within 2–3 years
Exposure to global frameworks: SOC 2, PCI DSS, HITRUST, ISO 42001 (AI Governance), NIST
Compensation:
Competitive salary based on experience and certification level
Performance-based incentives per project completion
How to Apply:
Send your resume and certification copies to admin_hr@matayo-ai.com
Grc Consultant • Jamnagar, Gujarat, India