ICT GRC Analyst

Описание вакансии

#vacancy #job #Limassol #Cyprus #fulltime #office #ITAudit #GRCAnalyst

🆕 KoronaPay is a European fintech company operating in a regulated environment and we are looking for a hands-on ICT GRC Analyst to support the day-to-day execution of ICT compliance, security governance, and operational resilience activities.

Responsibilities

-Maintain and support control documentation.

-Collect, organize, and validate evidences for internal controls, audits, compliance initiatives, and regulatory readiness activities.

-Support activities related to DORA and other applicable ICT/security governance requirements.

-Prepare materials and evidence packs for internal audits, external audits, due diligence requests, and other assessments.

-Track documentation and records related to change management, access reviews, backup checks, resilience testing, exceptions, and other governance processes.

-Support risk and issue management processes.

-Assist with vendor and outsourcing governance activities.

-Support policy lifecycle activities.

-Prepare recurring reporting materials, dashboards, and governance summaries for the CISO and internal stakeholders.

-Support post-incident follow-up activities.

Requirements

-2-3+ years of experience in ICT compliance, security GRC, IT audit, IT risk, operational risk, or a similar control-focused role.

-Practical experience with evidence collection, audit support, control documentation, registers, and action tracking.

-Understanding of IT/security controls and structured governance processes.

-Good organizational skills and strong attention to detail.

-Ability to work across multiple teams and follow up on action items consistently.

-Good written English communication skills.

Nice to have

-Experience in fintech, payments, banking, or another regulated environment.

-Familiarity with DORA, NIS2, GDPR, ISO 27001, NIST, COBIT, and ITIL/ITSM.

-Experience supporting audits, vendor governance, outsourcing records, or resilience-related activities.

-Experience with Jira, Confluence, Excel, or GRC tools.

-Exposure to business continuity, disaster recovery, incident governance, or operational resilience processes.

❗The position does not offer remote work, the work format is office-based in Limassol.

If you’re interested in the role or would like to recommend someone, please feel free to contact me Откликнуться (HRM Lyubov). Also, please take a look at our Откликнуться