Senior GRC Consultant

WE ARE ODYSSEY, looking for Cyber Warriors to join our journey!Are you someone who thrives in the face of challenges?Do you have a collaborative spirit, passion for innovation and a commitment to making the world a cyber safer place for all?If so, join OUR Odyssey and make it your journey as well, because the beauty and reward lie in the journey and not the destination itself.ROLE DESCRIPTIONThe Senior GRC Consultant will be responsible for leading and managing the development and implementation of Governance, Risk, and Compliance (GRC) programs for our clients, ensuring adherence to risk management and cybersecurity directives and regulations. This role requires a deep understanding of EU-specific regulations such as NIS, and NIS2, and the ability to support customers across various geographic locations. The ideal candidate will have extensive experience in risk management, compliance, and cybersecurity, with strong analytical and communication skills to effectively interact with stakeholders at all levels.MAIN RESPONSIBILITIESLead the development and implementation of GRC programs in line with EU directives and regulations.Conduct risk assessments and gap analyses to ensure compliance with relevant regulatory requirements.Develop, implement, monitor and audit compliance programs to ensure adherence to standards and regulatory frameworks including NIS, NIS2, ISO 27001, PCI DSS, SWIFT CSCF, SOC2, ISO 22301Provide expert guidance on cybersecurity policies, procedures, and controls.Develop and deliver training programs for employees on compliance and cybersecurity best practices.Collaborate with cross-functional teams to address and mitigate risk.Prepare and present compliance and risk reports to senior management.Support clients across various geographic locations, ensuring they meet local compliance requirements.KNOWLEGDE, SKILLS AND EXPERIENCE REQUIREDEducationBachelor’s degree in Information Security, Cybersecurity, Computer Science, Business Administration, or a related field.Master's Degree preferred in Information Security, Cybersecurity, Risk Management, or related discipline. CertificationsISO27001 lead auditor, ISO27001 lead implementor, CISA and/or CISM and/or CRISC is highly preferred.Any additional certifications related to EU regulations and data protection will be considered as a plus.ExperienceMinimum 5-7 years of experience in governance, risk management, and compliance roles.Proven experience with EU cybersecurity directives and regulations, such as NIS Directive (Network and Information Security Directive) and the upcoming NIS2 Directive.Experience with risk management frameworks (e.g., ISO 27005).Demonstrated expertise in cybersecurity frameworks (e.g., ISO 27001/27002, NIST Cybersecurity Framework).Experience supporting clients in various geographic locations and understanding the nuances of regional compliance requirements. LanguagesExcellent spoken and written knowledge of English. Proficiency in additional languages than English relevant to target geographic regions is a plus. Core CompetenciesStrategic Thinking: Ability to develop and execute strategic plans for channel development.Customer Focus: Strong commitment to understanding and meeting the needs of VARs and their customers.Results-Driven: Demonstrated ability to achieve and exceed sales targets.Adaptability: Flexibility to adapt to changing market conditions and business needs.Team Player: Collaborative approach to working with internal teams and external partners. Technical SkillsStrong understanding of risk management processes and GRC tools (e.g., RSA Archer, ServiceNow GRC, MetricStream).Familiarity with data protection tools and technologies.Proficient in risk assessment methodologies and tools.Knowledge of incident response planning and execution.Experience with audit management and compliance reporting. Knowledge and Professional CompetenciesIn-depth understanding of EU regulations and directives related to cybersecurity and data protection.Knowledge of industry best practices in cybersecurity, governance, risk management, and compliance.Ability to analyze complex regulatory requirements and translate them into actionable internal policies and procedures.Strong analytical and problem-solving skills.Excellent communication and presentation abilities for engaging with stakeholders at all levels.Proficiency in project management principles and practices. Additional RequirementsFluent in English (additional EU languages are a plus).Ability to travel as required within the EU and to other geographic locations to support clients.Strong cultural awareness and ability to work effectively with diverse teams.Commitment to continuous learning and staying updated with the latest developments in EU regulations and cybersecurity trends.WHAT’S IN IT FOR YOUCompetitive remuneration package (according to experience and qualifications)Opportunity to work in a highly specialized, dynamic and professional environmentHybrid and contemporary working environment, “Best Place to Work” for 3 yearsComprehensive Medical and Life InsurancePerformance based awards and bonusesAccess to brightest minds and the latest technologiesMentoring, training & development opportunities