Information Security Auditor

Information Security Auditor - Cyprus

The Role: We are looking for an experienced, passionate and self-motivated professional to join our fast-growing Information Security team. As part of our Information Security Audit Program, you will have the opportunity to assess and improve security controls across a dynamic and fast-paced environment. You will work with cutting-edge technologies and talented professionals, gaining hands-on experience in security assessments, compliance audits, and risk management. 

The main responsibilities of the position include:

• Perform hands-on complex security audits in IT infrastructure, applications, technologies and third parties 
• Assess internal controls, processes and policies related to Information Technology and Security; identifying deficiencies, and developing remediation strategies 
• Prepare comprehensive audit reports summarizing the audit scope, results of test work, findings and recommend corrective actions 
• Identify information security risks and make recommendations which are appropriate, practical and cost-effective 
• Manage and monitor the progress of remediation steps on audit findings 
• Ensure the organization meets all information security requirements of applicable laws and regulations 
• Liaise with external auditors and internal stakeholders in successful execution of all compliance audits 
• Provide regular reports and metrics on the security posture to the relevant stakeholders 

Main requirements:

• BSc/MSc in Information Security or any other related field 
• Minimum 2 years working experience in an Information Security related field 
• Experience in IT Systems and Security audit, vulnerability assessments and security risk management 
• Demonstrated experience in auditing large scale infrastructures, information systems, IT processes and advanced security controls 
• Good knowledge of information and security technologies such as Windows and Active Directory, Linux, virtualization, host and application security, networking, firewalls, security architecture etc 
• Hands-on experience in auditing cloud infrastructures (AWS, Azure, GCP etc) will be considered an advantage 
• Good understanding of security regulations and frameworks such as ISO 27001, NIST CSF and 800-53, GDPR, DORA etc 
• Strong project and time management skills with the ability to work independently under minimal supervision and as part of a team 
• Meticulous attention to detail with an analytical mind and outstanding problem-solving skills 
• Excellent communication skills with the ability to explain technical concepts to a non-technical audience 
• Audit-related and other information security certifications such as CISA, ISO 27001 Lead Auditor, CISSP, CCSP etc will be considered an advantage 

Benefit from:

• Attractive remuneration package plus performance related reward
• Private health insurance
• Corporate pension fund
• Intellectually stimulating work environment
• Continuous personal development and international training opportunities

All applications will be treated with strict confidentiality!