🚀 Matayo AI Solutions Pvt Ltd (Matayo 360° GRC Service Division) is looking for a passionate GRC Consultant to join our fast-growing compliance advisory team.
If you live and breathe ISO 27001 , can think like an auditor , and love solving risk management puzzles — we want to meet you!
🌟 Position : GRC Consultant
📍 Location : Hybrid (Bangalore / Remote – India)
🕓 Experience : 1–2 Years in GRC / ISO 27001 Implementation
🎓 Qualification : ISO 27001 Lead Implementer or Lead Auditor (Mandatory)
🧠 Key Skills Required :
- Hands-on experience in implementing and auditing ISO / IEC 27001 : 2022
- Familiarity with ISO 31000 Risk Management principles
- Understanding of Annex A controls and Statement of Applicability (SoA)
- Experience conducting Internal Audits, Risk Assessments, and GAP Analysis
- Documentation skills — policies, procedures, risk registers, audit checklists
- Exposure to SOC 2 readiness , GDPR , or DPDPA (added advantage)
- Excellent written and verbal communication skills
🔧 Roles & Responsibilities :
1️⃣ Governance & Compliance
Assist clients in implementing ISO 27001 : 2022 ISMS framework , including defining scope, policy documentation, control implementation, and management review.Conduct GAP assessments and prepare SoA and Risk Treatment Plans .Align controls with frameworks like SOC 2, PCI DSS, HIPAA, and GDPR as needed.2️⃣ Risk Management
Perform risk identification, analysis, and evaluation in line with ISO 31000 .Develop and maintain Risk Register using impact–likelihood matrices.Recommend and track risk treatment plans and mitigation actions.3️⃣ Internal Audit & Assurance
Plan and execute Internal Audits based on ISO 27001 : 2022 Annex A controls.Collect and review evidence from business, IT, and HR departments.Prepare audit reports , NC (Nonconformity) logs , and CAPA (Corrective Action) tracking .Support clients in external certification audits with CBs.4️⃣ Documentation & Reporting
Draft and maintain compliance documents : ISMS Manual, Policies, Procedures, Risk Register, SoA, and Audit Checklists.Prepare MIS dashboards , compliance status reports, and management review summaries.5️⃣ Client Engagement & Delivery
Support end-to-end GRC project execution — from scoping to closure.Coordinate with cross-functional teams and external auditors.Deliver presentations and training to clients on ISMS and Risk Management concepts.💼 Project Exposure :
Should have successfully executed at least two (2) complete ISO 27001 or integrated GRC implementation projects (from GAP to certification stage).🌐 Soft Skills :
Strong analytical, problem-solving, and documentation capabilitiesAbility to manage multiple client projects simultaneouslyHigh integrity, confidentiality, and attention to detail📈 Career Path :
Growth into Senior GRC Consultant / vCISO Track within 2–3 yearsExposure to global frameworks – SOC 2, PCI DSS, HITRUST, ISO 42001 (AI Governance), NIST💰 Compensation :
Competitive salary based on experience and certification level
performance-based incentives per project completion📩 How to Apply :
Send your resume and certification copies toadmin_hr@matayo-ai.com
