Search by job, company or skills

Nueva

Principal Consultant – GRC

Nueva
Philippines, Manila
Fresher
Save
new job description bg glownew job description bg glownew job description bg svg
  • Posted 5 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

We are seeking an experienced Principal Consultant in GRC to lead client engagements across audit, risk management and regulatory compliance. This role will focus on assessing and implementing industry standards and frameworks, while advising clients on building resilient, secure and compliant operating environments.

 

Key Responsibilities:

  • Lead and deliver audits and assessments against industry standards and frameworks (e.g., ISO 27001, NIST CSF, COBIT, ISO 31000, ISO 22301, SOC 2, GDPR, etc.)
  • Drive end-to-end implementation of governance and compliance frameworks, aligning with business objectives, with deep expertise in ISO/IEC 27001 and ISMS delivery.
  • Advise clients on business resilience, including development and testing of: Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP)
  • Lead risk management activities, including: Enterprise risk assessments & Risk identification, analysis and mitigation planning,
  • Conduct threat modelling to identify potential vulnerabilities and control gap
  • Manage and assess third-party/vendor risk, & including due diligence and ongoing monitoring
  • Provide expertise in privacy and data protection, including: GDPR compliance, Notifiable Data Breach (NDB) requirements, & Data governance frameworks and controls
  • Develop and review policies, procedures and control frameworks
  • Engage with senior stakeholders to provide strategic advice and recommendations
  • Mentor junior consultants and contribute to practice development

 

Key Requirements:

  • Proven experience in GRC consulting, ideally within a professional services or consulting firm
  • Strong experience in auditing and implementing security and compliance frameworks (e.g., ISO 27001, NIST CSF, SOC 2, COBIT, etc)
  • Hands-on experience in business resilience planning (BCP/DRP)
  • Deep understanding of risk management frameworks and methodologies
  • Experience in threat modelling and security risk assessments
  • Strong knowledge of third-party risk management practices
  • Expertise in privacy regulations and data protection, including GDPR and data breach obligations
  • Experience in data governance and information security controls
  • Strong stakeholder management and communication skills
  • Relevant certifications (e.g., CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer) preferred

 

Preferred:

  • Experience working across multiple industries, including global engagements.
  • Ability to lead large, complex engagements
  • Commercial awareness and experience supporting business development

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Grc (Governance, Risk, And Compliance)
Employment Type:
Full time

About Company

Nueva

Job ID: 146630781

Jobs by Skill - IT
Jobs by Skill - Non IT
Jobs By Industry
International Jobs
Last Updated: 01-05-2026 06:02:55 AM
Homejobs in PhilippinesPrincipal Consultant – GRC

Similar Jobs

Information Security Manager

Financial Times

Post Trade Data Governance & Operations - Senior Manager

Macquarie Group

Associate Consultant, Data Management, Workforce Analytics

Northern Trust

HR Assistant

Bernhard Schulte Shipmanagement

CRM Data Specialist

EROAD