Matayo AI Solutions Pvt Ltd (Matayo 360° GRC Service Division) is looking for a passionate GRC Consultant to join our fast-growing compliance advisory team.
If you live and breathe ISO 27001, can think like an auditor, and love solving risk management puzzles — we want to meet you!
Position: GRC Consultant
Location: Hybrid (Bangalore / Remote – India)
Experience: 1–2 Years in GRC / ISO 27001 Implementation
Qualification: ISO 27001 Lead Implementer or Lead Auditor (Mandatory)
Key Skills Required:
Hands-on experience in implementing and auditing ISO/IEC 27001:2022
Familiarity with ISO 31000 Risk Management principles
Understanding of Annex A controls and Statement of Applicability (SoA)
Experience conducting Internal Audits, Risk Assessments, and GAP Analysis
Documentation skills — policies, procedures, risk registers, audit checklists
Exposure to SOC 2 readiness, GDPR, or DPDPA (added advantage)
Excellent written and verbal communication skills
Roles & Responsibilities:
1️⃣ Governance & Compliance
Assist clients in implementing ISO 27001:2022 ISMS framework, including defining scope, policy documentation, control implementation, and management review.
Conduct GAP assessments and prepare SoA and Risk Treatment Plans.
Align controls with frameworks like SOC 2, PCI DSS, HIPAA, and GDPR as needed.
2️⃣ Risk Management
Perform risk identification, analysis, and evaluation in line with ISO 31000.
Develop and maintain Risk Register using impact–likelihood matrices.
Recommend and track risk treatment plans and mitigation actions.
3️⃣ Internal Audit & Assurance
Plan and execute Internal Audits based on ISO 27001:2022 Annex A controls.
Collect and review evidence from business, IT, and HR departments.
Prepare audit reports, NC (Nonconformity) logs, and CAPA (Corrective Action) tracking.
Support clients in external certification audits with CBs.
4️⃣ Documentation & Reporting
Draft and maintain compliance documents: ISMS Manual, Policies, Procedures, Risk Register, SoA, and Audit Checklists.
Prepare MIS dashboards, compliance status reports, and management review summaries.
5️⃣ Client Engagement & Delivery
Support end-to-end GRC project execution — from scoping to closure.
Coordinate with cross-functional teams and external auditors.
Deliver presentations and training to clients on ISMS and Risk Management concepts.
Project Exposure:
Should have successfully executed at least two (2) complete ISO 27001 or integrated GRC implementation projects (from GAP to certification stage).
Soft Skills:
Strong analytical, problem-solving, and documentation capabilities
Ability to manage multiple client projects simultaneously
High integrity, confidentiality, and attention to detail
Career Path:
Growth into Senior GRC Consultant / vCISO Track within 2–3 years
Exposure to global frameworks – SOC 2, PCI DSS, HITRUST, ISO 42001 (AI Governance), NIST
Compensation:
Competitive salary based on experience and certification level
Performance-based incentives per project completion
How to Apply:
Send your resume and certification copies to admin_hr@matayo-ai.com
GRC Consultant • Delhi, Delhi, India