IT Audit & Compliance Specialist (IT GRC)

JOB OVERVIEW

We are looking for a (Senior) IT Audit & Compliance Specialist who will maintain the organization‘s compliance with well-known IT standards, regulatory requirements, and internal policies. This role is crucial in ensuring the Confidentiality, Integrity, and Availability of the Organization’s information systems through regular audits, documentation, risk management, and communication.

KEY RESPONSIBILITIES

• Understand and stay updated with IT standards, regulatory requirements, and internal policies.

• Write, manage, and maintain core documents and processes related to ISO 27001 ISMS (Policy, Procedure, Standard, Guideline).

• Risk Management (Identification, Analysis, Evaluation, Treatment), Risk communication & support/follow the implementation of Risk controls.

• Support other teams in writing their specific documents by providing templates, detailed requirements, and reviewing their work.

• Conduct IT internal audits.

• Periodically update and communicate documentation, both regularly and on an ad hoc basis (e.g., incidents, regulatory changes).

• Prepare and deliver presentations on audit findings, recommendations, and compliance status to various stakeholders.

• Provide support, education, and training to all employees in terms of Security risk awareness within the organization.

• Ensure implementation of approved IT Security policies and compliance with all HSC employees.

JOB REQUIREMENTS

1. Educational level:

Bachelor’s degree, College degree or Higher in Computer Science, Cyber Security, or a related technical field.

2. Knowledge & Experiences:

• 2-3 years of experience in IT Audit

• Basic understanding of IT standards and regulatory requirements (ISO 27001, GDPR, etc.)

• Experience implementing ISO 27001 /& Risk Management would be a plus

• Familiarity with IT auditing processes and methodologies

3. Soft skills:

• Strong written communication skills for documenting audit findings, procedures, and compliance reports

• Strong presentation skills for delivering clear and concise information to stakeholders

• Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions, etc.), and willing to undergo vetting and/or personality assessments to verify this if necessary.