Information Security Auditor

TL;DR

Information Security Auditor: Assessing and improving security controls across IT infrastructure, applications, technologies, and third parties with an accent on security assessments, compliance audits, and risk management. Focus on identifying information security risks, developing remediation strategies, and ensuring compliance with applicable laws and regulations.

Location: Limassol / Nicosia

Company

We are looking for an experienced, passionate and self-motivated professional to join our fast-growing Information Security team.

What you will do

• Perform hands-on complex security audits in IT infrastructure, applications, technologies and third parties.
• Assess internal controls, processes and policies related to Information Technology and Security; identifying deficiencies, and developing remediation strategies.
• Prepare comprehensive audit reports summarizing the audit scope, results of test work, findings and recommend corrective actions.
• Identify information security risks and make recommendations which are appropriate, practical and cost-effective.
• Liaise with external auditors and internal stakeholders in successful execution of all compliance audits.
• Provide regular reports and metrics on the security posture to the relevant stakeholders

Requirements

• BSc/MSc in Information Security or any other related field.
• Minimum 2 years working experience in an Information Security related field.
• Experience in IT Systems and Security audit, vulnerability assessments and security risk management.
• Demonstrated experience in auditing large scale infrastructures, information systems, IT processes and advanced security controls.
• Good knowledge of information and security technologies such as Windows and Active Directory, Linux, virtualization, host and application security, networking, firewalls, security architecture etc.
• Good understanding of security regulations and frameworks such as ISO 27001, NIST CSF and 800-53, GDPR, DORA etc.

Nice to have

• Hands-on experience in auditing cloud infrastructures (AWS, Azure, GCP etc) will be considered an advantage
• Audit-related and other information security certifications such as CISA, ISO 27001 Lead Auditor, CISSP, CCSP etc will be considered an advantage

Culture & Benefits

• Attractive remuneration package plus performance related reward.
• Private health insurance.
• Corporate pension fund.
• Intellectually stimulating work environment.
• Continuous personal development and international training opportunities.

Hiring process

• Let’s Connect – Intro Chat with Talent Acquisition.
• Deep Dive – First Interview with Your Future Team.
• Final Connection – Final Interview.