Information Security Auditor 

Reference Number: ISA1022

The Role:

We are looking for an experienced, passionate and self-motivated professional to join our fast-growing Network and Security team. You will develop and manage the information security audit program and get to work in a challenging, dynamic and inspiring environment with state-of-the-art technologies and talented staff.

The main responsibilities of the position include:

• Plan and execute complex security audits in IT infrastructure, applications, technologies and third parties
• Assess internal controls, processes and policies related to Information Technology and Security; identifying deficiencies, and developing remediation strategies
• Prepare comprehensive audit reports summarizing the audit scope, results of test work, findings and recommend corrective actions
• Identify information security risks and make recommendations which are appropriate, practical and cost-effective
• Manage and monitor the progress of remediation steps on audit findings
• Ensure the organization meets all information security requirements of applicable laws and regulations
• Liaise with external auditors and internal stakeholders in successful execution of all compliance audits
• Provide regular reports and metrics on the security posture of the company to upper management

Main requirements:

• BSc/MSc in Information Security or any other related field
• Minimum 2 years working experience as an Information Security Auditor
• Experience in IT and Security audit, vulnerability assessments and security risk management
• Demonstrated experience in auditing large scale infrastructures, information systems, IT processes and advanced security controls
• Good knowledge of information and security technologies such as Windows and Active Directory, Linux, virtualization, host and application security, networking, firewalls, security architecture etc
• Hands-on experience in auditing cloud infrastructures (AWS, Azure, GCP etc) will be considered an advantage
• Good understanding of security regulations and frameworks such as ISO 27001, NIST CSF and 800-53, GDPR, PCI DSS etc
• Strong project management skills with the ability to work independently under minimal supervision and as part of a team
• Meticulous attention to detail with an analytical mind and outstanding problem-solving skills
• Excellent communication skills with the ability to explain technical concepts to a non-technical audience
• Audit-related certifications such as CISA, ISO 27001 Lead Auditor etc will be considered an advantage

Benefit from:

• Attractive remuneration package plus performance related reward
• Private health insurance
• Corporate pension fund
• Food allowance
• Intellectually stimulating work environment
• Continuous personal development and international training opportunities

Type of employment: Full time

Location: Limassol or Nicosia, Cyprus

Please visit our website www.xm.com/careers to submit your online application for this position.

All applications will be treated with strict confidentiality!