GRC Consultant at WebBeds
Melbourne, Victoria, Australia - Full Time


Start Date

Immediate

Expiry Date

18 Oct, 25

Salary

0.0

Posted On

19 Jul, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Presentation Skills, IT, CISA, Writing, ISO, Information Security, Finance

Industry

Financial Services

Description

THE SKILLS WE WOULD LOVE TO SEE IN YOUR SUITCASE.

  • Bachelor’s degree in a related field i.e. Commerce, IT, Information Security, Risk Management, Finance.
  • 2 years' knowledge of frameworks such as ISO 27001 / 31000, NIST CSF, PCI-DSS.
  • Strong analytical, writing, and presentation skills.
  • Ability to manage multiple projects and interact with both technical and non-technical stakeholders.
  • Professional certifications such as CISA, CRISC, ISO Lead Auditor/Implementer are preferred.
  • Consulting experience is a plus.
Responsibilities

IN THIS ROLE YOU WILL:

Join Web Travel Group as a GRC Consultant and take the lead in shaping and strengthening our compliance and security frameworks. You will play a lead role in key programs such as PCI-DSS, ISO 27001, and NIST CSF. You’ll manage audits, conduct risk assessments, and support policy development—ensuring our compliance posture stays strong and future-ready.

KEY RESPONSIBILITIES.

  • Maintain and lead our compliance programs including PCI-DSS, ISO 27001, NIST CSF etc.
  • Manage audit programs – liaise with third-party auditors.
  • Conduct risk assessments and gap analyses to understand key threats to our organisation.
  • Select and implement an appropriate compliance tool to manage our compliance programs.
  • Facilitate third-party risk management, vendor due diligence, and contract compliance.
  • Support development of our security and compliance policies and procedures.
  • Monitor and report on key risk indicators (KRIs), compliance metrics, and audit findings.
  • Stay current on emerging regulatory trends and best practices in risk and compliance.
  • Follow up with key stakeholders on open risks and ensure appropriate mitigations are in place.