GRC Consultant

Protec is looking for a GRC Consultants. The successful candidate will be based at our Kenyan office. This is a full time  and permanent position, and the position may require the incumbent to travel locally and internationally.

Job Description

The GRC Consultant is part of the assurance department and focuses on Consulting and implementing systems audit related solutions and services.


1. Carry out system audit related projects including:

  • Implementation
  • Audit
  • Advisory services


2. Responding to ongoing RFP’s, RFQ’s, Tenders and identified potential leads, to achieve the monthly and quarterly targets.

3. Support in driving business meetings with prospective clients to establish new opportunities for systems audit and assurance services. i.e.:

  • System Hardening Services
  • Managed Security Services
  • Vulnerability Management and Penetration testing
  • Security operation Centre: Purple Teaming


4. Positioning and implementing our strategic GRC Related products to existing and potential clients.

5. Participating in security awareness training for clients.

6. Participating in carrying out Vulnerability Management and penetration testing projects.

7. Carrying out Managed Security Services Support

8. Develop proposals, quotations & sales contracts (SLA) while ensuring adherence to law-established rules and guidelines

9. Build and maintain account relationships and customer satisfaction.

10. Assess existence, efficiency, and effectiveness of the IT control environment by directing control/process optimization

11. Keep abreast of emerging technologies with the IT environment and help in developing audit plans to counter whatever risks that might be associated with the application of such technologies

12. Evaluating the architectural structure and the current security posture of customers and proposing effective implemented controls.

13. Respond in a timely manner (within documented SLA) to configuration, maintenance, incident management, and other requests.

Required skills and qualifications
  • Bachelor’s degree
  • CISA
  • Penetration testing knowledge and deployment testing
  • ISO 27001 | ISO27701 advantageous
  • Designing Assurance programs is a plus
  • Networking Certifications – Cisco, FORTINET or SOPHOS
  • Experience in implementing ISO 27001, carrying out assessment
  • Cloud, DevSecOps or Container Security – advantageous
Preferred skills and qualifications
  • Incumbent must be confident and have ability to work in a pressurized environment;
  • Sound knowledge and good understanding of IT industry environment and business needs;
  • Knowledge of solution capabilities and how the solution is designed to be integrated into the client environment.
  • Interpersonal skills with the ability to develop and maintain solid stakeholder relationships.
  • Strong command of the English language (verbal and written)
  • Excellent problem solving and planning skills
  • Self-motivated and committed to offering a professional service of the highest standard
  • Flexible, self-organized and display high level of initiative and operate effectively under pressure
  • Sound consulting skills and the ability to recognize opportunities for future business within an account together with ability to persuade and influence key customers;
  • Technical agility;
  • Attention to detail : detail level in-depth, data, application, network and integration layer security knowledge;
  • Sense of urgency and ability to prioritize;
  • Time management / self-motivated and people management
  • Excellent presentation skills
Please complete the below form and we will get back you ASAP.