
GRC Consultant

Payatu · Pune, Maharashtra, India · Posted 19 May 2026

Payatu is looking for a GRC Consultant to join their offensive security team in Pune. The role focuses on building resilient security programs through framework alignment, risk management, and regulatory compliance. The ideal candidate has 3-6 years of experience in GRC, audit, and documentation within the cybersecurity sector. You will lead client implementation programs, conduct gap assessments, and translate complex compliance requirements into actionable security controls.

Experience: 3-6 years

Function: Consulting

Work mode: Onsite, India

Company: Tier 2

TAL's take

Quality 60/100 · 5/5 clarity · Tier 2 company

Strong domain-specific consultancy role with clear responsibilities at a respected cybersecurity firm.

Very clear, structured JD detailing specific frameworks and responsibilities required for the consultant role.

Salaries at Payatu

26.0 LPA average

Based on 1 Grapevine salary entry for Payatu.

Other roles

4 - 6 years

26 LPA average

Range: 26 - 26 LPA

Must haves

  • 3-6 years of experience in GRC or compliance
  • Bachelor's degree in IT, CS, or related field
  • Experience implementing ISO/IEC 27001:2022 ISMS
  • Knowledge of ISO/IEC 27001 Annex A controls
  • Audit implementation experience including CAPA and risk registers
  • Understanding of Indian regulatory requirements like DPDP Act

Tools and skills

ISO/IEC 27001, ISO/IEC 17025, ISO/IEC 17020, ISO/IEC 17021-1, DPDP Act 2023, RBI cybersecurity guidelines, SEBI IT framework

Nice to have: GDPR, CCPA, NIS Directive 2.0, SOC 2, PCI DSS, HIPAA, NIST, IEC 62443, IEC 81001-5-1, Scrut, Sprinto, ServiceNow GRC, Archer, MetricStream.

About the company

Reputable niche cybersecurity consultancy, well known in the Indian offensive security space but not a global/tier-1 tech giant.
