We are seeking an IT Security Compliance & Audit Specialist to support an international financial institution in assessing the effectiveness of ICT and security controls, ensuring compliance with internal standards and regulatory frameworks. The specialist will play a key role in testing controls, supporting audits, and enhancing security governance through reporting, automation, and policy updates.
Responsibilities
- Test the effectiveness of ICT and cybersecurity controls and related risk mitigation plans.
- Contribute best practices for building and maintaining a robust ICT and cybersecurity control framework, including emerging technologies and risks (cloud, IoT, mobile, third-party monitoring).
- Support the definition of Key Risk Indicators (KRIs) for ICT security and contribute to automated dashboards and reports.
- Develop and maintain frameworks to assess cloud vulnerabilities and perform technical security assessments (e.g., password and access reviews).
- Support ICT and security reporting activities, ensuring accurate compliance and governance visibility.
- Conduct access rights reviews and recertifications.
- Update or develop IT security policies and ICT procedures (LOD1 and LOD2).
- Provide compliance reporting, highlighting systems that are not appropriately patched.
- Offer technical expertise and assistance during internal and external security audits.
- Follow up on audit findings and ensure timely remediation of observations.
Qualifications and Skills
- Bachelor’s degree in Computer Science, Information Security, Information Systems Management, Cybersecurity, or equivalent.
- Minimum of 5 years of experience in information security, ideally including penetration testing.
- Professional certifications are an asset: CEH, GIAC, GPEN, GXPN, OSCP, OSC or equivalent.
- Strong technical expertise in cybersecurity, including familiarity with penetration and intrusion techniques, system vulnerabilities, and remediation strategies.
- Hands-on experience with offensive tools (e.g., Metasploit, Kali Linux, Cobalt Strike) and scripting languages.
- Deep understanding of network and web protocols (TCP/IP, UDP, IPSEC, HTTP, etc.) and security engineering principles.
- Excellent problem-solving, analytical, and communication skills.
- Ability to work collaboratively in a complex, international, and regulatory environment.
Why Join
This role offers the opportunity to contribute to the strengthening of cybersecurity controls and compliance posture in a highly regulated and impactful environment. You will collaborate with security experts and auditors on innovative projects involving risk management, automation, and continuous improvement of ICT frameworks.
How to Apply
Ready for your next challenge?
Apply now by sending your updated CV. We’re looking forward to discovering what you can bring to the team!
Opportunities are numerous. From bare applications development to of IT infrastructures management including conception, architecture and requirements analysis.
Although open to technologies used by our customers, ABAKUS IT-SOLUTIONS seeks mainly but not only consultants mastering: Windows and Linux Servers, networks, developments (JAVA, SAP, .NET,…) as well as highly specialized experts for example in cybersecurity or in Content Management System (CMS) (SharePoint, Drupal, WebLogic…).
In terms of non-technical competencies, ABAKUS IT-SOLUTIONS hires dynamic persons, open to the world, interested by innovation and having a keen sense of client relationship.
A very good command of English is essential, the capacity to speak French, German or Dutch is an asset.
Even though most of our positions require at least 3 years of experience, some are open to new starters.
