Junior IT Auditor - Everypay (JIA 0924)

About EveryPay

At EveryPay, we are on a mission to build the digital financial infrastructure that underpins e-commerce in Greece, empowering Marketplaces, and Merchants to thrive.

We are a team of enthusiastic young people, driven by our values to Empower Customers, work as a Team Together, Manage Risk and Get Stuff Done.

We are proud to have built the payments layer connecting most Greek Marketplaces and Merchants with world-class schemes like Visa and MasterCard. We service most Greek Marketplaces, including Greece’s largest and most successful marketplace: Skroutz.

Our systems connect to thousands of banks, in Greece and abroad. Our tech processes tens of thousands of transactions every day – that’s €billions worth of e-commerce. If you have bought something online in Greece, chances are you have already used our payments product. 

EveryPay is fully owned by the Skroutz Group of Companies and is both a Tech Company and a Regulated Financial Services Institution. Therefore, you will be exposed to the world of the Tech Payments Sector and that of Financial Services. 

How you will contribute to EveryPay's vision

EveryPay’s Internal Audit Department is searching for a Junior IT Auditor with a passion for identifying and mitigating business and technology risks. Serving as an advisor to the audit engagement stakeholders, the IT Auditor will help provide robust independent assurance and assist the IAD in accomplishing its objectives by bringing a systematic and disciplined approach in evaluating and improving the effectiveness of EveryPay’s IT governance, risk management and internal control environment. 

From initial scope to final report, the successful candidate will assist the planning and delivery of a range of IT audits as well as also being assigned to a variety of IT focused reviews under a variety of financial and operational audits in accordance with the organization’s Audit Plan.

What you will be doing:

• Plan, lead and execute risk-based audits/assessments of IT processes against the regulatory framework, leading practices, and common standards
• Maintain working paper and documentation to the Departments Internal Audit quality standards
• Monitor, on an ongoing basis, compliance with the regulatory and supervisory framework
• Prepare audit reports with accurate and objective representation of audit findings and formulate proposals for the elimination of identified risk and their underlying root causes
• Validate the addressing of deficiencies noted during audits through follow-up reviews
• Actively participate in the preparation of the annual internal audit plan
• Assist in conducting risk-based, operational, financial or compliance audits, giving risk based independent assurance of the company’s internal system of controls
• Conduct security audits to ensure that current security measures are adequate to protect against relevant threats
• Analyze potential financial statement exposure as it relates to IT control deficiencies and other integrated audit areas
• Establish and maintain good working relationships with team members staff, and external stakeholders
• Provide advice to business owners for remediation of internal control deficiencies and business process optimization

What will you need in order to succeed:

• At least a Bachelor’s degree, or equivalent, with emphasis in Information Technology, Computer Science, Business, or a related field
• Up to 4 years’ experience in IT auditing (applications, databases, operating systems, cybersecurity / network security, cloud computing, data management, IT outsourcing, IT Governance, BCP/DRP, network architecture, change management)
• A data-driven mindset and proficiency in both working with and interpreting data, with practical experience in coding i.e SQL, Python, etc
• High level of technology and business understanding and ability to translate technology issues and risks by identifying process inefficiencies and translating them into business terms
• Audit Experience in cybersecurity, IT infrastructure, and cloud-based services/systems/platforms (PaaS, SaaS, IaaS, BaaS) i.e AWS, GitHub 
• Possess proficient understanding of core banking processes, accounting standards, banking regulations, and information technology governance and frameworks (i.e COSO, CIS Critical Security Controls, COBIT, ISO 27001, NIST, PCI-DSS, etc.) as well as legal and regulatory frameworks (GDPR, BoG acts)
• Strong understanding of digital trends and risks associated with cloud environments, cybersecurity, and data privacy and how they relate to payment services
• Excellent verbal and written communication skills, both in Greek and English, including the ability to simplify issues, identify root causes, provide new insights, and recommend risk mitigation measures in a clear and concise manner

It would be great if you have

• Professional certifications related to IT audit and/or information security (e.g., CISA, CRISC, CGEIT, CIA, CISSP, CISM, ISO 27001) will be considered an asset
• Interpretation of service organization control (SOC) reports
• Good understanding of the business operations and processes in a financial institution or payment card industry
• Knowledgeable in any data analysis technique and tool

What’s it like to work at EveryPay?

• A great opportunity to contribute to EveryPay team's growth
• Being part of an environment that gives employees large goals, autonomy and mentoring, creates incredible opportunities, both for you and the company
• Competitive full-time salary
• Ongoing training and development
• Private Medical plan
• Access to books, online courses and relevant resources
• A hybrid model of work

As part of our dedication to the diversity of our workforce, Skroutz is committed to Equal Employment Opportunity without regard to race, color, national origin, ethnicity, gender, disability, sexual orientation or religion.

Disclaimer:

Skroutz collects and processes personal data in accordance with the EU General Data Protection Regulation (GDPR). We are bound to use the information provided within your job application for recruitment purposes only and not to share these with any unauthorized third parties. Please read our Recruitment Privacy Policy here.