IT Compliance Specialist (to Cyprus)

компания "quadcode" hi! we are quadcode, a company that develops a saas trading platform for clients around the world. now we are looking for an it compliance specialist for it compliance & risk management team. this team conducts an information security audit according to international standards, communicates with regulators and prepares documentation for them. the position is open for those who are already in cyprus or ready to relocate to cyprus after a probationary period. key responsibilities: assisting teams to analyze and implement (understand risks, prioritize tasks, allocate resources, take responsibility for slas) international and local regulatory and business requirements with the focus on technical aspects of it-compliance, information security and data protection; providing teams with accurate explanations of requirements with a purpose to translate them into slas; advising on setting up technology-dependent operational documentation and design of controls; executing of the internal audit plan for independent testing of it- controls (it-strategy execution, vendor management, budget limits, etc.), investigating and acting on matters related to slas of external parties and slas of internal platform micro-services; support for implementation of risk management principles (bcp\drp), continually risk assessing of cloud service providers’ (csp) practices and policies, support of csp list for esma, and advising on solutions to mitigate data protection and compliance risks in all areas of activity; liaising with external auditors and legal advisors, regulatory authorities (local and foreign) and relevant service providers in various jurisdictions to get relevant certifications as pci-dss, esma, soc-2, etc.; scheduled hands-on participation and coordination of cross-functional teams to prepare or annual updаtеof it-compliance documentation (incl. testing results and evidence) and to communicate and submit for certification, licensing and other regulatory purposes. our expectations: 3 years in a similar or related role (internal\or external pci-dss audit roles; decomposition and description of it-related routing procedures; developing and documenting policies, incl. set-up of controls and slas); understanding of different it and security standards (iso27001, pci dss, nist, itil, cobit); understanding of virtual network concepts, cloud infrastructure and application security; fluent english and russian.