Conduct audits of the Company's information systems for information security / IT GRC.
Participate in analysis and identification of information security risks and operational efficiency of information systems.
Assess effectiveness of compliance with internal and external (regulatory) information security requirements and protective measures.
Participate in organizing and assisting with external audits against standards (PCI DSS, SOC 2 Type 2, ISO 27001, MiCA/DORA, others).
Prepare analytical reports on results of internal audits and on activities of external auditors.
Communicate and exchange experience with colleagues from Information Security, IT, Product Owners, Project Managers, Compliance, HR, Legal, and external auditors.
Requirements
Experience in auditing in the field of information technology / information security and/or experience in system administration / ensuring information security in large organizations.
Understanding of the business processes of financial organizations and their implementation using information technology and/or understanding of the basics of secure development of IT products.
Knowledge of the main approaches to ensuring information security and implementing security measures, as well as the basic principles of information technology.
Understanding of the impact of security measures on mitigating information security risks and/or the possibility of cyber attacks.
Knowledge of and experience in implementing the requirements of one or more information security standards: PCI DSS, SOC 2 Type 2, ISO 27001, MiCA/DORA (desirable) or other standards.
Ability to read, understand and use high-level design diagrams (HLD), sequence diagrams and/or customer journey diagrams (CJM).
Ability to clearly and accessibly express thoughts orally and in writing; ability to structure and formulate conclusions and recommendations based on analysis.
Mid-level experience (position listed as Mid-level).