Job Description
\nYou will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. As a Cyber GRC Senior Consultant, you will work with security, IT, and compliance teams to strengthen cybersecurity, manage cyber risks, and ensure regulatory compliance.
\nKey Responsibilities
\nRequirements
\n+ A relevant university degree (Bachelor or Master) in Information Security, Cybersecurity, or IT Security \t+ At least 1-5+ years of experience in the field of Cyber Security/Information Security \t+ A broad business competence profile, including stakeholder management, problem-solving ability, and resilience \t+ Experience in collecting, validating, analyzing, documenting, and communicating information to stakeholders
\nDesired Skills
\nIdeal Candidate Profile
\n+ Strong business competence, particularly in stakeholder management and problem-solving \t+ Experience in preparing and communicating complex information to stakeholders \t+ Very good communication skills in German (C2) and English (C2) and project-related travel readiness \t+ Enjoy working with customers from different industries \t+ Experience in balancing technical and commercial requirements to develop practical solutions \t+ Ability to build lasting business relationships at all levels \t+ Ability to provide expert support and guidance to less experienced colleagues \t+ Ability to explain complex cyber methods in a non-technical and understandable way (written and oral)
\nBenefits
\nYou will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. Our team of business analysts, enterprise architects, and cyber security specialists combines operational, strategic, analytical, and innovative competencies to drive business-IT alignment, IT governance transformation, IT cost optimization, efficiency improvement, innovation promotion, and cyber risk, governance, and compliance topics.
\nAbout Infosys Consulting
\nYou will be part of a globally renowned management consulting firm that is on the front-line of industry disruption. We are a mid-size player with a supportive, entrepreneurial spirit that works with a market-leading brand in every sector, while our parent organization Infosys is a top-5 powerhouse IT brand that is outperforming the market and experiencing rapid growth.
\nOur consulting business is annually recognized as one of the UK's top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity, and dedicated training and career paths we offer to our consultants. We are committed to fostering an inclusive work culture that inspires everyone to deliver their best.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_0d6b0b5c-92a","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Infosys Consulting - Europe","sameAs":"https://jobs.workable.com","logo":"https://logos.yubhub.co/view.com.png"},"x-apply-url":"https://jobs.workable.com/view/oexxh4mvWPKhUMdVS3q5pd/hybrid-governance%2C-risk%2C-and-compliance-(grc)-sme--(m%2Fw%2Fd)-dach-region-in-munich-at-infosys-consulting---europe","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Cybersecurity","Risk Management","Regulatory Compliance","NIST CSF","Cyber Due Diligence Assessments","Cyber Risk Management","Incident Response Plans","Crisis Management Exercises","Certifications","Target Operating Models","RACI matrices","Cyber Security Roadmaps","Post-Incident Reviews","Cyber Threat Intelligence Reports","Cyber Compliance Programs","Cyber Risk Assessments","Awareness Trainings","Identity & Access Management","Privileged Access Management"],"x-skills-preferred":["German","English","Stakeholder Management","Problem-Solving","Resilience","Communication","Project Management","Business Analysis","Enterprise Architecture","Cyber Security","IT Governance","IT Cost Optimization","Efficiency Improvement","Innovation Promotion"],"datePosted":"2026-03-09T16:54:02.938Z","employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Consulting","skills":"Cybersecurity, Risk Management, Regulatory Compliance, NIST CSF, Cyber Due Diligence Assessments, Cyber Risk Management, Incident Response Plans, Crisis Management Exercises, Certifications, Target Operating Models, RACI matrices, Cyber Security Roadmaps, Post-Incident Reviews, Cyber Threat Intelligence Reports, Cyber Compliance Programs, Cyber Risk Assessments, Awareness Trainings, Identity & Access Management, Privileged Access Management, German, English, Stakeholder Management, Problem-Solving, Resilience, Communication, Project Management, Business Analysis, Enterprise Architecture, Cyber Security, IT Governance, IT Cost Optimization, Efficiency Improvement, Innovation Promotion"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_1bdc3caf-792"},"title":"Governance, Risk, and Compliance (GRC) SME - Senior Consultant","description":"Do you want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready?
\nWe are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Senior Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance.
\nAs a Cyber GRC Senior Consultant, you will collaborate with client security, IT, and compliance teams to direct and oversee the development and implementation of cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations.
\nKey Responsibilities:
\nWork on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization.
\nContribute to the development of consulting go to market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks.
\nDirect and lead NIST CSF risk assessments
\nOversee the design of innovative new services to lead the market incorporating AI and ML where it brings value.
\nSupport presales, sales, and account management pursuits from a subject matter expert perspective.
\nRequirements
\nYou will have already achieved strong career progression to date, and experience working with recognized consulting brands and large commercial sector clients. You will have a passion for cyber security and a genuine interest in staying updated with the latest industry trends and developments.
\nYour security experience must include:
\nA relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security)
\n1-5 years+ in the field of cyber security/infosec.
\nA broad business skill set including stakeholder management, problem-solving, and resilience
\nExperience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences
\nExcellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel
\nYour diverse Security experience should include one or some of below:
\nA good understanding of NIST CSF
\nA post graduate degree in cyber /information security
\nCyber Due Diligence Assessments
\nThird- Party & Supply chain Cyber Risk Management
\nIncident Response Plan review
\nSupporting bids, RFP responses and proposals
\nCrisis Management Exercises (CMX)
\nAccreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM,
\nHelped design Target Operating Models (TOMs) and RACI Matrices
\nHelping the design of Cyber Security Roadmaps
\nSupporting Post Incident Reviews
\nReading and summarising Cyber Threat Intelligence reports
\nCyber Security Risk Assessments or Maturity Assessments
\nDesign and/deliver awareness training.
\nWorked on Identity and Access Management projects.
\nWorked on Privileged access management projects
\nOur ideal candidate may have some of the following skills:
\nHave a broad business skill set including stakeholder management, problem-solving, and resilience
\nHave experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences
\nHave excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel
\nEnjoy working with different clients from different industries.
\nHave some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients.
\nBe able to build strong and effective business relationships at all levels
\nBe able to support and oversee staff with less experience in their tasks
\nBe able to explain complex cyber methodologies using accessible non-technical language (both written and verbal)
\n_Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now._
\nAbout your team
\nAt the Tech Transformation practice, we help CIOs overcome their biggest challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget constraints; enabling them to leverage technology to deliver value to their business. We have a team of business analysts, enterprise architects and cybersecurity specialists with business, operational, strategic, analytical and innovation skills. that come together to drive business IT alignment, Transform IT governance, IT Cost containment, operating efficiency improvements, Innovation enablement and cybersecurity risk, governance, and compliance.
\nAbout Infosys Consulting
\nBe part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey.
\nOur core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.
\nWithin Europe, we are recognized as one of the UK’s top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity and dedicated training and career paths. Infosys is on the Germany’s top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row.
\nWe offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We’d love to hear from you.... Apply today!
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_1bdc3caf-792","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Infosys Consulting - Europe","sameAs":"https://jobs.workable.com","logo":"https://logos.yubhub.co/view.com.png"},"x-apply-url":"https://jobs.workable.com/view/kpLfuJ6MMnQF6UP1PbZm31/remote-governance%2C-risk%2C-and-compliance-(grc)-sme---senior-consultant-in-poland-at-infosys-consulting---europe","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["cybersecurity frameworks","risk management","regulatory compliance","security governance","NIST CSF","cyber due diligence assessments","third-party and supply chain cyber risk management","incident response plan review","crisis management exercises","accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM","target operating models","RACI matrices","cybersecurity roadmaps","post-incident reviews","cyber threat intelligence reports","cybersecurity risk assessments","identity and access management","privileged access management"],"x-skills-preferred":["stakeholder management","problem-solving","resilience","data and information gathering","data and information validation","data and information synthesis","data and information documentation","data and information communication","interpersonal skills","written communication skills","verbal communication skills"],"datePosted":"2026-03-09T16:53:00.785Z","jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Consulting","skills":"cybersecurity frameworks, risk management, regulatory compliance, security governance, NIST CSF, cyber due diligence assessments, third-party and supply chain cyber risk management, incident response plan review, crisis management exercises, accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM, target operating models, RACI matrices, cybersecurity roadmaps, post-incident reviews, cyber threat intelligence reports, cybersecurity risk assessments, identity and access management, privileged access management, stakeholder management, problem-solving, resilience, data and information gathering, data and information validation, data and information synthesis, data and information documentation, data and information communication, interpersonal skills, written communication skills, verbal communication skills"}]}