Information Security Risk Officer - Cyprus

The role:

Join our dynamic Information Security GRC team to play a crucial role in strengthening our business operations. As a key member, you'll enforce our Information Security Framework, conduct internal risk assessments, and collaborate with the CISO to define assessment scopes. Your responsibilities will include: review internal systems, processes, and procedures, record risks, and prepare insightful reports. Additionally, you'll contribute to Information Security projects, ensuring state-of-the-art solutions in line with regulatory requirements and best practices. This is an opportunity to make a significant impact in a forward-thinking environment, safeguarding our business while driving innovation in Information Security. Join us for a fulfilling journey!

Main responsibilities:

• Plan and execute technical and targeted risk assessments in IT infrastructure, applications, technologies, and third parties
• Assess internal controls, processes, and policies related to Information Technology and Security, identify deficiencies, and develop remediation strategies
• Perform risk analysis on current risks and identify potential risks at operational, tactical, and strategic level
• Perform risk evaluation on previously handled risks and compare mitigation approaches to potential risks
• Maintain the risk register and the Information Security Risk Management Program
• Identify information security risks and make recommendations that are appropriate, practical, and cost-effective
• Manage and monitor the progress of remediation steps on risk assessment findings
• Prepare comprehensive reports summarising the actions taken for to remediate identified risks
• Provide regular reports and metrics on the security posture of the company to the CISO
• Act as the escalation point of the information security department for any information security related risks

Main requirements:

• BSc/MSc in Information Security or any other relevant degree
• At least 3 years of work experience in information security risk management and information security risk assessment
• Technical knowledge of operations, physical, network, host and application security, as well as security architecture, virtualisation, and cloud infrastructures
• Good understanding of security regulations and frameworks, such as ISO 27001, NIST CSF and 800-53, GDPR, etc
• Audit-related certifications, such as CRISC, CGRC, and CISSP, are a plus
• Ability to work autonomously with minimum supervision and to integrate well within a team
• Ability to articulate security risks and communicate effectively to various levels of management
• Self-motivated, proactive, and efficient
• Ability to work under pressure in a fast paced environment
• Strong interpersonal, organisational, and project management skills.
• Excellent communication skills with the ability to explain technical concepts to a non-technical audience.
• Excellent written and verbal skills in English.

Benefits:

• An attractive remuneration package, plus performance-related reward.
• Private health insurance.
• Corporate pension fund.
• An intellectually stimulating work environment.
• Continuous personal development and international training opportunities.

Type of employment: Full-time

Location: Limassol or Nicosia

Please visit our website https://bit.ly/42BfCPy to submit your online application for this position.

All applications will be treated with strict confidentiality!