GRC Senior Consultant

CIPHER, the cybersecurity company of the Prosegur Group, is looking for a Senior Consultant to join 
the Cybersecurity GRC (Governance, Risk and Compliance) team. 
 
The GRC Team addresses: 
• Governance: Provide organizations with operating models, roles and responsibilities, while 
using dashboards to monitor the achievement of cybersecurity goals. 
• Risk: Quantify cyber risk to the organizations in financial, reputational and legal terms, by 
performing cyber risk analysis and treatment. 
• Compliance: Help organizations achieve, maintain and report on compliance with an ever
evolving cyber standards and regulations. 

The main functions, tasks and responsibilities of this position are: 
 
• Lead and deliver GRC projects, while managing team members and clients, regarding 
Cybersecurity, Information Security and/or Data Privacy. 
• Produce and review project deliverables from the GRC tea, including audit reports, 
policies, procedures and related 
• Execute cybersecurity assessments/audits activities according to relevant good practices 
and standards. 
• Conduct the collection of evidence and corresponding assessments/audits.  
• Test security controls and examine records for evidence of control activities in place. 
• Determine compliance with organizational policies, standards and procedures and identify 
non-compliances. 
• Identify risks and vulnerabilities, assess their impact and probability, develop mitigation 
strategies and corresponding report. 
• Understand client needs and security requirements applicable. 
• Work collaboratively to develop and implement solutions. 
• Produce and present reports and deliverables to clients. 
• Coach and mentor GRC junior consultants. 
• Escalate issues where appropriate and involve cybersecurity specialists/managers.