Back to search
Alphabit Cybersecurity Linkedin · Posted 4d ago

Cybersecurity GRC Consultant

Athens

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

ABOUT THE ROLE

We are looking for a driven and detail-oriented Cybersecurity GRC Consultant to join our growing team. In this role, you will work directly with a diverse portfolio of clients to assess, build, and mature their Information Security Governance, Risk, and Compliance programs. You will translate complex regulatory requirements into actionable security controls, guide clients through certification and audit processes, and serve as a trusted advisor on all things cyber risk.

This is a hands-on, client-facing position, not a legal or policy role. You will be embedded in technical teams, collaborating with IT, security operations, and executive stakeholders to drive meaningful risk reduction and compliance outcomes.

WHAT YOU'LL DO

Strategic GRC Implementation: Lead and support the implementation of industry-recognized security frameworks, performing gap analyses and managing certification or attestation readiness for clients across diverse sectors.

Risk Management & Treatment: Conduct comprehensive cyber risk assessments, threat modelling, and vulnerability analysis to develop and execute risk treatment plans aligned with organizational risk appetite.

Policy & Control Governance: Develop, review, and maintain robust information security policies, standards, and internal control frameworks to ensure operational alignment with organizational security goals.

Security Awareness & Culture: Design and oversee comprehensive security awareness training programs, phishing simulations, and role-based education initiatives to mature the organizational security culture and reduce human-centric risk.

Third-Party Risk Management (TPRM): Manage end-to-end vendor risk programs, including the assessment of supplier security controls and the definition of contractual security obligations.

Regulatory Compliance: Support clients in achieving and sustaining compliance with evolving cross-jurisdictional data protection, digital resilience, and sector-specific regulatory requirements.

Audit Lifecycle Management: Coordinate and facilitate internal and external audit engagements, oversee evidence collection processes, and manage the lifecycle of identified findings and remediation efforts.

Resilience & Readiness: Contribute to the design and improvement of business continuity, disaster recovery, and incident response programs through rigorous tabletop exercises and testing.

Executive Reporting: Produce high-impact risk reports and interactive dashboards that translate complex security metrics into actionable business intelligence for executive leadership.

WHAT WE'RE LOOKING FOR

  • Minimum 2 years of hands-on experience in cybersecurity GRC, information security, or a related technical role.
  • Solid working knowledge of ISO 27001 / 27002, GDPR, NIS2, and DORA.
  • Demonstrated experience conducting risk assessments and building or improving security control frameworks.
  • Experience managing third-party / vendor risk programs.
  • Strong written and verbal communication skills - ability to present technical risk to non-technical audiences.
  • Client-facing consulting experience is a strong advantage.
  • Self-motivated, organized, and comfortable managing multiple engagements in parallel.
  • ISO 27001 Lead Auditor or Lead Implementor certification is a plus.
  • Familiarity with NIST CSF or 800-53 is a plus.


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent