Governance, Risk

The role is about:

The GRC Specialist leads the implementation of the organization's governance and compliance priorities in areas such as information security (ISO 27001), operational resilience, and financial regulations like DORA. The role ensures the effectiveness of controls, readiness for audits, and traceability of evidence across various internal and outsourced environments. The GRC Specialist acts as the day-to-day authority on policy alignment, risk assessments, and supervisory documentation.

Location: Limassol, Cyprus

Reporting Line: Group Head of Digital Risk, CyberSec and Privacy

You will:

• Maintain compliance and control frameworks aligned with ISO 27001, SOC 2, PCI DSS, GDPR, DORA, and other applicable regulatory standards.
• Maintain the corporate policy suite, ensuring version control and alignment with regulatory expectations.
• Design and enforce corporate governance policies across business units.
• Drive employee awareness and compliance attestations.
• Facilitate governance steering committees and board-level reporting.
• Coordinate external audits, regulatory queries, and remediation evidence packs.
• Lead business process and asset risk assessments aligned to ISO 27005 and DORA risk taxonomy.
• Run internal compliance reviews, document control deviations, and manage corrective actions.
• Assess operational and supplier dependencies with business continuity impact analysis (BIA) inputs.
• Conduct internal control reviews, regulatory gap assessments, and readiness projects for certifications and supervisory audits.
• Partner with IT to implement control automation, compliance tooling, and evidence repositories.
• Monitor emerging laws, supervisory guidelines, and industry standards, and translate them into actionable roadmap items.
• Support BCP/DR governance and testing programs with measurable RTO/RPO targets.
• Coordinate major incidents reporting procedures and regulatory notifications.
• Own compliance dashboards, KPIs/KRIs dashboards, and audit-ready records.
• Present actionable risk insights to Audit & Risk Committees and regulators.

What we need:

• Bachelor's degree in Information Security, Risk Management, IT, Finance, or a related field.
• Professional certifications such as ISO 27001 Lead Implementer/Auditor, CRISC, CISA, CISSP, or equivalent are highly desirable.
• Proven experience (3–5+ years) in Governance, Risk & Compliance, information security, or operational resilience roles.
• Hands-on experience with regulatory frameworks including ISO 27001, SOC 2, PCI DSS, GDPR, and financial regulations such as DORA.
• Experience coordinating audits, risk assessments, compliance reviews, and regulatory engagements.
• Demonstrated track record in implementing, monitoring, and reporting GRC programs across complex, multi-jurisdictional environments.
• Strong understanding of risk management frameworks, operational resilience, and control assurance methodologies.
• Ability to interpret regulatory guidance and translate it into actionable business policies and processes.
• Excellent analytical skills with attention to detail and accuracy in documenting controls, risks, and audit evidence.
• Effective stakeholder management and communication skills, including the ability to present findings to senior management and regulatory bodies.
• Proficiency in GRC tools, compliance management systems, and Microsoft Office/Power BI for reporting purposes.
• Ability to manage multiple priorities, drive initiatives, and work independently as well as collaboratively across teams.
• High integrity, accountability, and commitment to ethical standards.
• Proactive and solution-oriented mindset with a continuous improvement approach.
• Strong organizational skills with the ability to maintain compliance records and evidence in audit-ready condition.

The perks of being a   

• Future-Proof Your Finances: Once you've passed probation, we'll kickstart your Provident Fund to secure your future. 
• Grow with Us: Annual Learning Budget for professional development (after probation)—because your growth is our growth. 
• Wolt Your Way Through Lunch: €150 monthly Wolt allowance to keep you fueled and happy.
• Drive in Style:  After one year with us, you may be eligible for a company car—performance and availability permitting. 
• Park with Ease: Complimentary parking space just steps from the office, so your commute is as smooth as your workday.
• Max Out Your Downtime: 25 days of vacation + public holidays, plus an additional 10 sick days to rest when needed.
• Shop & Save: Exclusive local discount card + tickets for exciting events like Beonix, basketball games, and more. 
• Speak Like a Local: Join free Greek language classes, twice a week, open to all team members. 
• Celebrate Together: Twice a year, we bring colleagues from all offices together for unforgettable company celebrations.
• Global Collaboration & Events: Opportunities to participate in international company events and initiatives, connecting with colleagues from all regions and contributing to a truly global community

Hiring Process:

• First Interview: 30-minute introduction led by the Senior Talent Acquisition Partner.
• Second Interview: 1-hour deep-dive with the Hiring manager to explore your experience and skills.
• Final Interview: 30-minute session with the CTO and Senior Talent Acquisition Partner for final alignment.