Ethnos Cyber Limited - As the preferred cybersecurity solutions provider in Africa, the success of Ethnos Cyber hinges, to a huge extent, on the dedication and quality of our employees. We have an array of varied, flexible, challenging, and rewarding career choices. We are committed to maintaining a stimulating workplace where all employees develop their talents and skills to help protect our customers’ data assets and align IT with business objectives.
Our mission is simple: We listen, we design, we execute. If you are creative, energetic, and a team player and want to play a key role in positioning our brand at the forefront of the industry, we’d love to hear from you.
We are recruiting to fill the position below:
Job Title: GRC Consultant
Location: Victoria Island, Lagos
Employment Type: Full-time with flexible work plan
Job Description
We are seeking a detail-oriented GRC Consultant to support the implementation, maintenance, and assessment of information security, privacy, and IT governance frameworks.
The role involves contributing to compliance initiatives, risk management, policy development, audits, and stakeholder engagement across multiple standards and regulatory requirements.
Responsibilities:
Standards & Framework Implementation
Contribute to the implementation and maintenance of major standards and frameworks, including:
ISO 27001 (Information Security Management): Support risk assessments, SoA development, control implementation, and ISMS documentation.
ISO 22301 (Business Continuity Management): Assist with BIA, risk assessments, continuity planning, and BCMS documentation.
ISO 20000 (IT Service Management): Support ITSM process documentation and alignment with business requirements.
Cloud & Cybersecurity Standards (ISO 27017, ISO 27032): Assist in implementing cloud security and cybersecurity controls.
Network Security (ISO 27033): Support assessments and documentation of secure network architecture.
Data Protection & Privacy (NDPA and related regulations): Assist in data mapping, DPIAs, privacy compliance assessments, and documentation.
PCI DSS: Support gap assessments, evidence collection, and remediation tracking.
NDPA Implementation
SWIFT CSCF: Assist in compliance assessments and documentation preparation.
IT Governance (COBIT): Support governance assessments and process improvement initiatives.
Enterprise Architecture (TOGAF): Contribute to aligning security requirements with architectural principles.
Auditing & Assessment
Participate in internal audits, gap analyses, and readiness assessments.
Document findings, observations, and recommendations.
Policy & Procedure Development
Draft, review, and update policies, standards, and procedures aligned with best practices and regulatory requirements.
Risk Management
Support risk identification, assessment, and documentation.
Assist in developing and maintaining risk registers and treatment plans.
Stakeholder Engagement
Collaborate with client teams to gather information, clarify requirements, and support implementation activities.
Training & Awareness
Assist in developing training materials and delivering awareness sessions and training to clients.
Qualifications
Bachelor’s degree in Information Technology, Computer Science, Cyber/Information Security, or a related field.
1–3 years of experience in GRC, information security, audit, or related consulting roles.
Exposure to implementing or supporting ISO standards and regulatory compliance programs.
Experience conducting risk assessments and supporting remediation activities.
Knowledge of industry standards such as NIST, NDPA, PCI-DSS, ISO 27001, ISO 22301, ISO 20000, and SOC 2.
Skills and Competencies:
Ability to work with Zoho tools and Microsoft Office packages: Word, Excel, PowerPoint.
Strong understanding of GRC concepts and frameworks.
Analytical and problem‑solving skills.
Excellent written and verbal communication.
Ability to work collaboratively and manage multiple tasks.
Professionalism, adaptability, and attention to detail.
Strong stakeholder engagement and interpersonal skills.
Familiarity with frameworks such as NIST, PCI-DSS, NDPA, ISO 27001, ISO 22301, ISO 20000, SOC 2.
Certifications (if any):
ISC2 CC (Certified in Cybersecurity)
ISO 27001/22301/20000 Lead Implementer/Auditor (added advantage)
Cloud or Cybersecurity certifications (ISO 27017, ISO 27032)
COBIT Foundation or TOGAF (added advantage)
What We Offer
Competitive salary and benefits package.
Opportunity to work in a dynamic and innovative environment.
Professional development and growth opportunities.