Location: Panama (Remote) Salary: $35,000 - $45,000 (Dependent on experience) We are seeking a Senior Information Security Consultant to join our GRC Consulting team. This is a client-facing, delivery-led role for an experienced security and compliance professional who can lead engagements, own client relationships, and provide high-quality advisory services. You will play a key role in shaping client outcomes, mentoring junior team members, and helping evolve our GRC delivery capability. Cognisys is a leading Cyber Security company specialising in Penetration Testing, GRC Consulting, and Managed Security services. We pride ourselves on our customer service, forward-thinking approach and commitment to excellence. Our small but mighty team works with some of the best-known companies in the world, covering over 30 different countries across the globe! About the Role Our GRC Consulting practice helps organisations strengthen their security posture and achieve compliance through clear, structured, and practical guidance. We work with clients at different stages of maturity, from building foundational security programmes to operating mature, scalable compliance functions. As a Senior Information Security Consultant, you will take responsibility for designing and delivering GRC engagements end-to-end. You will translate regulatory and framework requirements into practical, business-aligned solutions, guide clients through complex compliance challenges, and act as a trusted advisor to technical and non-technical stakeholders alike. This role suits someone who combines strong technical GRC knowledge with consulting experience, confidence in client delivery, and a desire to raise the standard of security governance across organisations. Key Responsibilities Client Leadership & Delivery - Lead and deliver GRC consulting engagements across a range of clients and industries. - Act as the primary point of contact for assigned clients, owning delivery quality and client satisfaction. - Design and implement GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards. - Lead security posture assessments, gap analyses, and maturity reviews. - Develop practical remediation roadmaps and guide clients through implementation. - Support clients through audit preparation, certification, and external assessments. - Facilitate client workshops, risk assessments, and stakeholder sessions with confidence and authority. Advisory & Technical Expertise - Provide expert guidance on security governance, risk management, and compliance strategy. - Interpret standards and regulations and translate them into pragmatic, business-focused solutions. - Advise clients on control design, operating models, and sustainable compliance practices. - Support the development of client security documentation, including policies, procedures, risk registers, control frameworks, and governance models. - Help clients embed compliance into operational and technical processes rather than treating it as a one-off activity. Quality & Delivery Excellence - Own the quality of client deliverables, ensuring accuracy, clarity, and consistency with internal standards. - Review and provide constructive feedback on work produced by junior consultants and analysts. - Continuously improve delivery playbooks, templates, and methodologies. - Ensure engagements are delivered on time, within scope, and to a high professional standard. Team Leadership & Mentorship - Mentor and support junior team members, accelerating their technical and consulting development. - Provide guidance, coaching, and informal line management support where required. - Act as a role model for consulting best practice and professional conduct. - Contribute to building a collaborative, high-performing team culture. Operational Improvement & Practice Growth - Identify opportunities to improve delivery efficiency, tooling, and ways of working. - Contribute to the development of a scalable and repeatable GRC consulting model. - Support pre-sales activity where required, including scoping, proposal input, and client discovery sessions. - Help shape the strategic direction of the GRC practice through feedback and innovation. Requirements - 5+ years’ experience in security, risk, compliance, or GRC-focused roles. - Strong practical experience with one or more frameworks such as ISO 27001, SOC 2, NIST, or similar. - Proven experience delivering client-facing GRC or compliance engagements. - Confidence leading client meetings, workshops, and complex discussions. - Ability to design security governance and compliance programmes, not just implement them. - Strong written communication skills, with experience producing high-quality client documentation. - Experience mentoring or supporting the development of junior team members. - Strong organisational skills and ability to manage multiple engagements and priorities. - A pragmatic, solutions-focused mindset with an understanding of business realities. - Consulting experience is highly desirable. If you think you can deliver but don't match the criteria above, please don't be put off. We are very open-minded and focus on ability and attitude above skills. What We Offer - Annual Leave: 30 days per year plus 12 Panamanian public holidays. - Additional Leave: 1 day of paid leave on your birthday. - Working Hours: 40 hours per week, Mon-Fri 9-6. - Health & Wellbeing: Individual healthcare insurance plan and access to an employee mental health and wellbeing platform. - Professional Development: £2,000 annual training budget to support your continued learning and career growth. - Refer a friend bonus scheme, up to £2,000! Why Join Us? At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact for our clients. We'd love to hear from you if you want to challenge, lead and innovate! We're not just about the work; we're about the people. Join a team where innovation is celebrated, and your contributions are valued. We foster a collaborative environment where fresh ideas thrive, and professional growth is encouraged. Applications Please feel free to reach out to Dom, our Head of Talent Acquisition, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – hiring@cognisys.group Please note: We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email—please apply directly through the job advert page. We welcome applications from candidates from a range of diverse backgrounds and can make various reasonable adjustments to consider individual needs. NO RECRUITMENT AGENCIES, PLEASE

Location: South Africa (Remote) Salary: R780 000 - R900 000 per annum (DOE) About the Role Our GRC Consulting practice helps organisations strengthen their security posture and achieve compliance through clear, structured and practical guidance. We work with clients at different stages of maturity, from building foundational security programmes to operating mature, scalable compliance functions. This is a client-facing, delivery-led role for an experienced security and compliance professional who can lead engagements, own client relationships and provide high-quality advisory services. You will play a key role in shaping client outcomes, mentoring junior team members, and helping evolve our GRC delivery capability. As a Senior Information Security Consultant, you will take responsibility for designing and delivering GRC engagements end-to-end. You will translate regulatory and framework requirements into practical, business-aligned solutions, guide clients through complex compliance challenges, and act as a trusted advisor to technical and non-technical stakeholders alike. This role suits someone who combines strong technical GRC knowledge with consulting experience, confidence in client delivery, and a desire to raise the standard of security governance across organisations. Key Responsibilities Client Leadership & Delivery - Lead and deliver GRC consulting engagements across a range of clients and industries. - Act as the primary point of contact for assigned clients, owning delivery quality and client satisfaction. - Design and implement GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards. - Lead security posture assessments, gap analyses, and maturity reviews. - Develop practical remediation roadmaps and guide clients through implementation. - Support clients through audit preparation, certification, and external assessments. - Facilitate client workshops, risk assessments and stakeholder sessions with confidence and authority. Advisory & Technical Expertise - Provide expert guidance on security governance, risk management, and compliance strategy. - Interpret standards and regulations and translate them into pragmatic, business-focused solutions. - Advise clients on control design, operating models, and sustainable compliance practices. - Support the development of client security documentation including policies, procedures, risk registers, control frameworks and governance models. - Help clients embed compliance into operational and technical processes rather than treating it as a one-off activity. Quality & Delivery Excellence - Own the quality of client deliverables, ensuring accuracy, clarity and consistency with internal standards. - Review and provide constructive feedback on work produced by junior consultants and analysts. - Continuously improve delivery playbooks, templates, and methodologies. - Ensure engagements are delivered on time, within scope, and to a high professional standard. Team Leadership & Mentorship - Mentor and support junior team members, accelerating their technical and consulting development. - Provide guidance, coaching, and informal line management support where required. - Act as a role model for consulting best practice and professional conduct. - Contribute to building a collaborative, high-performing team culture. Operational Improvement & Practice Growth - Identify opportunities to improve delivery efficiency, tooling, and ways of working. - Contribute to the development of a scalable and repeatable GRC consulting model. - Support pre-sales activity where required, including scoping, proposal input and client discovery sessions. - Help shape the strategic direction of the GRC practice through feedback and innovation. Requirements - 5+ years’ experience in security, risk, compliance, or GRC-focused roles. - Strong practical experience with one or more frameworks such as ISO 27001, SOC 2, NIST, or similar. - Proven experience delivering client-facing GRC or compliance engagements. - Confidence leading client meetings, workshops, and complex discussions. - Ability to design security governance and compliance programmes, not just implement them. - Strong written communication skills, with experience producing high-quality client documentation. - Experience mentoring or supporting the development of junior team members. - Strong organisational skills and ability to manage multiple engagements and priorities. - A pragmatic, solutions-focused mindset with an understanding of business realities. - Consulting experience is highly desirable. What We Offer - A dynamic and supportive work environment where customer care and innovation drive everything we do. - A dedicated budget for your professional development - Access to an Employee Wellness Hub supported by Kara Connect for health and well-being resources. - Frequent team social events and celebrations. - 25 days leave, plus a birthday holiday. - Refer a friend bonus scheme, up to £2,000! Why Join Us? At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact for our clients. We'd love to hear from you if you want to challenge, lead and innovate! We're not just about the work; we're about the people. Join a team where innovation is celebrated, and your contributions are valued. We foster a collaborative environment where fresh ideas thrive, and professional growth is encouraged. Applications We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email—please apply directly through the job advert page. Please feel free to reach out to Andrea, our Senior Recruiter, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – andrea.smith@cognisys.group We welcome applications from candidates from a range of diverse backgrounds and can make various reasonable adjustments to consider individual needs. NO AGENCIES PLEASE

Location: South Africa (Remote) Salary: R450 000 - R650 000 per annum (DOE) About the Role Our GRC Consulting practice helps organisations strengthen their security posture and achieve compliance through clear, structured, and practical guidance. We work with clients at different stages of maturity, from building foundational security programmes to operating mature, scalable compliance functions. We are seeking an Information Security Consultant to join our GRC Consulting team. This is a client-facing, delivery-focused role suited to a security and compliance professional who is confident supporting engagements and contributing high-quality advisory services. As an Information Security Consultant, you will support the delivery of GRC engagements across a range of clients and industries. You will help translate regulatory and framework requirements into practical, business-aligned solutions and work collaboratively with senior consultants and client stakeholders to drive measurable improvements in governance, risk, and compliance. This role suits someone with strong foundational GRC knowledge, growing consulting experience, and a desire to develop into a trusted security advisor. Key Responsibilities Client Delivery & Support - Lead the delivery of GRC consulting engagements across multiple clients and sectors. - Contribute to security posture assessments, gap analyses, and maturity reviews. - Assist in the design and implementation of GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards. - Support clients through audit preparation, certification processes, and external assessments. - Develop remediation plans and assist clients in tracking progress against agreed actions. - Participate and lead in client workshops, risk assessments, and stakeholder sessions. Advisory & Technical Contribution - Support the interpretation of security standards and regulations, translating requirements into practical recommendations. - Lead in the development of policies, procedures, risk registers, control frameworks, and governance documentation. - Contribute to the design and documentation of security controls and operating models. - Help embed compliance activities into operational and technical processes. - Conduct risk assessments and maintain supporting documentation. Quality & Professional Standards - Produce high-quality client deliverables with clarity, accuracy, and consistency. - Follow established methodologies, templates, and internal quality standards. - Proactively identify areas for improvement within engagements. - Manage assigned tasks effectively to meet deadlines and scope expectations. Requirements - 2–5 years’ experience in security, risk, compliance, or GRC-related roles. - Practical experience with at least one framework such as ISO 27001, SOC 2, NIST, or similar standards. - Experience supporting compliance or assurance initiatives (internal or client-facing). - Strong written and verbal communication skills. - Ability to manage multiple priorities in a structured and organised manner. - Analytical mindset with a pragmatic approach to problem solving. - Comfortable working with both technical and non-technical stakeholders. - Consulting experience is highly desirable but not essential. - Experience with GRC platforms including Vanta is desirable. What We Offer - A dynamic and supportive work environment where customer care and innovation drive everything we do. - A dedicated budget for your professional development - Access to an Employee Wellness Hub supported by Kara Connect for health and well-being resources. - Frequent team social events and celebrations. - 25 days holiday leave, plus a birthday holiday. - Refer a friend bonus scheme, up to £2,000! Why Join Us? At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact for our clients. We'd love to hear from you if you want to challenge, lead and innovate! We're not just about the work; we're about the people. Join a team where innovation is celebrated, and your contributions are valued. We foster a collaborative environment where fresh ideas thrive, and professional growth is encouraged. Applications We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email—please apply directly through the job advert page. Please feel free to reach out to Andrea, our Senior Recruiter, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – andrea.smith@cognisys.group We welcome applications from candidates from a range of diverse backgrounds and can make various reasonable adjustments to consider individual needs. NO AGENCIES PLEASE

• Lead collaboration with clients to understand their business objectives, requirements, and pain points related to software implementation. • Conduct thorough assessments of clients' existing systems, processes, and workflows to identify gaps and opportunities for improvement. • Establish and nurture strong relationships with key client stakeholders and act as a point of contact throughout the implementation process. • Partner with Product team as an SME and contribute to requirements and inputs. • Lead collaboration with internal teams, such as software developers and project managers, to ensure seamless integration of software solutions into clients' existing infrastructure. • Develop and execute implementation plans according to project scope, timeline, milestones, and resource requirements. • Lead software configuration, customization, and data migration activities to ensure accurate and timely implementation. • Lead training sessions and workshops for clients' end users to ensure successful adoption and utilization of the software. • Initiate ongoing support and guidance to clients during the implementation process, addressing any issues, questions, or concerns that may arise. • Develop and deliver training materials, user guides, and documentation to support clients' understanding and effective use of the software. • Identify and mitigate risks and issues that may impact the successful completion of the implementation projects. • Collaborate with project managers to ensure projects are delivered on time, within budget, and according to quality standards. • Provide guidance to teammates.