GRC/Information Security Consultant
Job Title: GRC/Information Security Consultant
Location: Strovolos, Nicosia, Cyprus
Job Type: Full-Time
Remote Option: Yes
About Us:
We are a leading provider of cybersecurity services in Cyprus, committed to delivering state-of-the-art services to protect businesses from cyber threats. Our core values of integrity, innovation, and excellence drive our operations, ensuring we offer the best security practices and client services.
Job Description:
As an Information Security Consultant, you will guide our clients through the complexities of governance, risks and compliance (GRC). Your role will involve assessing and managing risks, recommending risk-mitigating actions, developing security strategies, and ensuring clients' IT environments align with industry best practices and regulatory requirements.
Responsibilities:
- Plan and execute assessments in the areas of IT Governance (ISO 27001, NIST), IT Regulatory Compliance (EBA, EIOPA, GDPR, DSA, etc), IT Risk Assessments and IT Audits.
- Evaluate Information Security controls (e.g. identify and assess IT risks and controls)
- Provide consultation on information security controls and compliance measures.
- Develop customized security policies and frameworks for clients, based on standards such as ISO 27001.
- Assist clients in managing and mitigating risks associated with their IT operations.
- Catalogue, test and monitor controls.
- Create and perform gap analysis as well as provide strategy to implement and mitigate identified risks.
- Define business architecture and functional design.
- Manage projects, develop project plans, and monitor performance.
- Monitor deliverables and ensure timely completion of projects.
- Conduct meetings and presentations to share ideas and findings.
- Conduct functional walk-throughs with various stakeholders.
- Analyze system impacts to other systems and procedures.
- Participate in training personnel on enhancements, and new systems or procedures.
- Creating executive reporting and strategy documents.
- Stay abreast of the latest developments in IT security, regulations, and best practices.
Requirements:
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
- At least 2 years of experience in information security consulting, risk management, or a related field.
- Professional certifications such as CISA, CISSP, will be considered as an advantage.
- Strong knowledge of and experience with information security frameworks and compliance regulations.
- Strong understanding of and experience with identifying, assessing and testing risks, and controls.
- Strong understanding of and experience with process improvement and process mapping as well as creating complex process flows with control points.
- Excellent verbal and written communication skills at both business and deep technical levels.
- Excellent interpersonal skills.
- Self-directed and motivated.
- Ability to manage multiple tasks.
- Exceptional analytical and problem-solving skills.
How to Apply:
Interested candidates should submit their resume along with a cover letter to This email address is being protected from spambots. You need JavaScript enabled to view it., detailing how they can contribute to the cybersecurity challenges faced by our clients. Join us and help shape the future of cybersecurity in Cyprus and beyond.