Governance, Risk & Compliance (GRC) Officer for Cutting-Edge Forex Company in Larnaca, Cyprus
3 days from office in Larnaca / 2 days from home
*Only candidates eligible to work in Cyprus will be considered (EU citizens; Yellow Slip holders; Temporary Protection Visa holders)
Our client is an award-winning forex and commodities broker providing trading services and facilities to both retail and institutional clients. They offer various account types, trading software and tools that enable individual and institutional customers to trade Forex and CFDs online.
We are seeking a Governance, Risk and Compliance (GRC) Officer with expertise in IT-related policies to ensure regulatory requirements are met and security standards upheld. As the GRC Officer, you will be responsible for developing, implementing and managing governance frameworks, risk management strategies and compliance programs tailored to the IT department. This role involves creating policies and controls that align with industry standards and regulatory requirements to safeguard the organization's technological infrastructure. You will play a key role in supporting IT governance and risk management practices, ensuring they align with business goals while maintaining compliance with relevant regulations and policies.
Tasks
Responsibilities:
Governance & Policy Management:
- Develop and maintain IT-related governance frameworks, policies and standards.
- Ensure IT governance aligns with standards such as ISO 27001, NIST and GDPR.
- Lead in creating and updating IT policies, procedures and guidelines based on regulatory changes and best practices.
- Communicate IT policies across departments and ensure adherence through regular reviews and training.
Risk Management:
- Identify, assess and mitigate IT-related risks in line with organizational risk appetite and regulatory requirements.
- Collaborate with IT and security teams to ensure effective risk management frameworks.
- Conduct regular risk assessments and report findings, recommending mitigation strategies.
- Develop a risk register to document and monitor risks for timely resolution.
Compliance:
- Ensure compliance with IT and data security regulations (e.g. GDPR, PCI DSS).
- Conduct audits and assessments to verify compliance with internal and external requirements.
- Work with external auditors and regulatory bodies during reviews and inspections.
- Create and maintain compliance documentation, ensuring completeness and accuracy.
Internal Controls & Reporting:
- Design and implement internal controls to ensure IT systems' integrity, confidentiality and availability.
- Monitor compliance via key performance indicators (KPIs) and produce regular reports on governance, risk and compliance metrics.
- Maintain comprehensive GRC documentation and ensure audit-readiness.
Requirements
- BSc/BA in Information Technology, Cybersecurity, Risk Management or a related field.
- 3 years of experience in IT Governance, Risk and Compliance roles.
- Strong knowledge of IT GRC frameworks (ISO 27001, NIST, etc.) and relevant regulations (GDPR, HIPAA, PCI DSS).
- Experience in developing and managing IT-related policies and procedures.
- Familiarity with risk assessment and mitigation, including maintaining risk registers.
- Strong understanding of internal controls and IT audit processes.
- Excellent communication skills, especially for policy documentation and training.
Benefits
- 13th salary
- Full induction training
- Medical Insurance from day 1
- Free Gym membership
- 22 days of annual leave, increasing up to 30 days eventually
- Benefits card: discounts in shops and restaurants around Cyprus
- Birthday Leave
- Half Day Fridays during summertime
- Lunch twice a week
- Daily provision of fresh fruits and healthy delicacies
- Team Building events
- Parties
- Professional development