
GRC & ISO Specialists (2-10 years)

Kirtane & Pandit

2 - 10 years

Mumbai

Posted: 22/02/2026


Job Description

Job Title: GRC & ISO Specialists (2-10 years)

Company: Kirtane & Pandit LLP

Location: Mumbai (Dadar, On site)

Role Overview

Kirtane & Pandit LLP is seeking experienced GRC & ISO Cybersecurity Professionals to join its Cybersecurity Division. The role involves designing, implementing, and assessing Governance, Risk & Compliance (GRC) frameworks and leading ISO certification engagements for clients across sectors.


Key Responsibilities


Governance, Risk & Compliance (GRC):

Design, implement, and assess GRC frameworks aligned with business and regulatory requirements

Conduct IT risk assessments, control gap assessments, and maturity assessments

Support clients in developing cybersecurity policies, procedures, and standards

Perform third-party/vendor risk assessments

Support regulatory and compliance initiatives (e.g., RBI, SEBI, IRDAI, DPDP Act, etc.)


ISO & Standards Implementation:

Lead and execute ISO certifications and audits such as:

o ISO/IEC 27001 (ISMS)

o ISO 22301 (BCMS)

o ISO 27701 (Privacy)

o ISO 20000-1 (ITSM) (good to have)

Conduct internal audits, readiness assessments, and surveillance audits

Support clients through certification and recertification cycles

Coordinate with certification bodies and external auditors


Client & Project Management:

Interact with client stakeholders for requirement gathering and reporting

Prepare risk assessment reports, audit reports, and management dashboards

Manage multiple client engagements and ensure timely delivery

Provide advisory recommendations and remediation roadmaps


Required Skills & Qualifications

Bachelor's degree in IT, Computer Science, Cybersecurity, or related field

2-10 years of experience in GRC, ISO implementation, or cybersecurity consulting

Strong understanding of:

o Information Security & Risk Management

o ISO 27001 controls and risk treatment methodology

o Cybersecurity governance frameworks

Hands-on experience in ISO audits and documentation

Preferred Certifications (One or more):

ISO/IEC 27001 Lead Implementer / Lead Auditor

CISA / CRISC / CISSP (preferred)

CEH or equivalent cybersecurity certifications (good to have)


Key Competencies

Strong analytical and documentation skills

Client-facing and stakeholder management abilities

Good communication and presentation skills

Ability to work independently and in teams

Attention to detail and structured approach to problem-solving
