SENIOR GRC CONSULTANT

WE ARE ODYSSEY, looking for Cyber Warriors to join our journey!

Are you someone who thrives in the face of challenges?

Do you have a collaborative spirit, passion for innovation and a commitment to making the world a cyber safer place for all?

If so, join OUR Odyssey and make it your journey as well, because the beauty and reward lie in the journey and not the destination itself.

ROLE DESCRIPTION

The Senior GRC Consultant will be responsible for leading and managing the development and implementation of Governance, Risk, and Compliance (GRC) programs for our clients, ensuring adherence to risk management and cybersecurity directives and regulations. This role requires a deep understanding of regulations, and the ability to support customers across various geographic locations. The ideal candidate will have extensive experience in risk management, compliance, and cybersecurity, with strong analytical and communication skills to effectively interact with stakeholders at all levels.

MAIN RESPONSIBILITIES
  • Lead the development and implementation of GRC programs in line with regulations.
  • Conduct risk assessments and gap analyses to ensure compliance with relevant regulatory requirements.
  • Develop, implement, monitor and audit compliance programs to ensure adherence to standards and regulatory frameworks including NIS, NIS2, ISO 27001, PCI DSS, SWIFT CSCF, SOC2, ISO 22301.
  • Provide expert guidance on Cybersecurity policies, procedures, and controls.
  • Develop and deliver training programs for employees on compliance and cybersecurity best practices.
  • Collaborate with cross-functional teams to address and mitigate risk.
  • Prepare and present compliance and risk reports to senior management.
  • Support clients across various geographic locations, ensuring they meet local compliance requirements.
KNOWLEDGE, SKILLS AND EXPERIENCE REQUIRED

Educational:

  • Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Business Administration, or a related field.
  • Master's Degree preferred in Information Security, Cybersecurity, Risk Management, or a related discipline.

Certifications:

  • ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, CISA and/or CISM and/or CRISC are highly preferred.
  • Any additional certifications related to EU regulations and data protection will be considered a plus.

Experience:

  • Minimum 5-7 years of experience in governance, risk management, and compliance roles.
  • Proven experience with EU cybersecurity directives and regulations, such as NIS Directive (Network and Information Security Directive) and the upcoming NIS2 Directive.
  • Experience with risk management frameworks (e.g., ISO 27005).
  • Demonstrated expertise in Cybersecurity frameworks (e.g., ISO 27001/27002, NIST Cybersecurity Framework).
  • Experience supporting clients in various geographic locations and understanding the nuances of regional compliance requirements.

Languages: 

Excellent spoken and written knowledge of English. Proficiency in languages other than English relevant to target geographic regions is a plus.

Competencies:

  • Strategic Thinking: Ability to develop and execute strategic plans for channel development.
  • Customer Focus: Strong commitment to understanding and meeting the needs of VARs and their customers.
  • Results-Driven: Demonstrated ability to achieve and exceed sales targets.
  • Adaptability: Flexibility to adapt to changing market conditions and business needs.
  • Team Player: Collaborative approach to working with internal teams and external partners.

Technical Skills:

  • Strong understanding of risk management processes and GRC tools (e.g., RSA Archer, ServiceNow GRC, MetricStream).
  • Familiarity with data protection tools and technologies.
  • Proficient in risk assessment methodologies and tools.
  • Knowledge of incident response planning and execution.
  • Experience with audit management and compliance reporting.

Knowledge and Competencies:

  • Deep understanding of EU-specific regulations and directives related to Cybersecurity and data protection.
  • Knowledge of industry best practices in Cybersecurity, governance, risk management, and compliance.
  • Ability to analyze complex regulatory requirements and translate them into actionable policies and procedures.
  • Strong analytical and problem-solving skills.
  • Excellent communication and presentation skills to effectively interact with stakeholders at all levels.
  • Ability to lead and mentor junior team members.
  • Proficiency in project management principles and practices.

Additional Requirements:

  • Fluent in English (additional EU languages are a plus).
  • Ability to travel as required within the EU and to other geographic locations to support clients.
  • Strong cultural awareness and ability to work effectively with diverse teams.
  • Commitment to continuous learning and staying updated with the latest developments in EU regulations and Cybersecurity trends.
WHAT’S IN IT FOR YOU
  • Competitive remuneration package (according to experience and qualifications)
  • Opportunity to work in a highly specialized, progressive and professional setting
  • Hybrid and contemporary working environment, “Best Place to Work” for 3 consecutive years
  • Comprehensive Medical and Life Insurance
  • Referral Scheme - You can recommend the best talents to the company and receive a reward
  • Half-day on Fridays
  • Performance-based awards and bonus
  • Access to the latest technologies
  • Mentoring, training & development opportunities
Code

134

Job Location
Athens, Nicosia, Greece