We are seeking an experienced IT & Cyber Security Auditor with a strong understanding of how technology environments are designed, implemented, and operated—and the ability to quickly identify control weaknesses, security gaps, and compliance risks.
This role is responsible for independently planning and executing audits and assessments across IT General Controls (ITGC), application controls, information systems, and cybersecurity frameworks, ensuring the confidentiality, integrity, and availability of information assets while maintaining compliance with regulatory and industry requirements.
The successful candidate will act as a trusted advisor to management, translating complex technical risks into practical, business-focused insights and actionable recommendations.
Key Responsibilities
• Conduct comprehensive information security and cybersecurity assessments
• Perform IT General Controls (ITGC) audits, including access management, change management, and IT operations
• Execute application security and controls reviews covering SDLC, system configuration, interfaces, and data integrity
• Carry out information systems audits across infrastructure, databases, networks, and cloud environments
• Lead cybersecurity audits and maturity assessments aligned with ISO 27001, NIST, COBIT, and applicable regulatory requirements
• Identify control gaps, evaluate risk impact, and recommend practical, business-aligned remediation actions
• Review security policies, procedures, and technical configurations for compliance and effectiveness
• Prepare clear, executive-level audit reports and present findings to senior management and key stakeholders
• Track remediation activities and validate the implementation and effectiveness of corrective actions
• Monitor compliance with data protection laws, regulatory requirements, and internal policies
• Advise the organization on GDPR compliance, privacy-by-design principles, and lawful data processing practices
• Develop, maintain, and oversee data protection policies, standards, and procedures
• Lead and review Data Protection Impact Assessments (DPIAs)
Required Skills & Experience
• Strong hands-on experience in ITGC, application controls, and cybersecurity auditing
• Solid understanding of enterprise systems, security controls, and risk management frameworks
• Knowledge of regulatory standards and industry best practices
• Proven ability to translate technical risks into clear, business-focused insights
• Experience delivering information security and cybersecurity awareness sessions
• Ability to manage and execute audit and security projects independently
Certifications (Preferred)
• CISA, CISSP, CISM, CDPSE, CRISC, ISO 27001 LA/LI, or equivalent
