Governance, Risk & Compliance (GRC) Officer - IT Policies
We are seeking a Governance, Risk, and Compliance (GRC) Officer with expertise in IT-related policies to ensure we meet regulatory requirements and uphold our security standards.
The GRC Officer will be responsible for developing, implementing, and managing governance frameworks, risk management strategies, and compliance programs tailored to the IT department.
This role involves creating policies and controls that align with industry standards and regulatory requirements while safeguarding the company's technological infrastructure. This position plays a critical role in ensuring IT governance and risk management practices support business goals while maintaining compliance with applicable regulations and policies.
Your role at HFM:
Governance & Policy Management:
- Develop and maintain IT-related governance frameworks, policies, and standards.
- Ensure the organisation’s IT governance aligns with industry standards and regulations such as ISO 27001, the NIST frameworks and GDPR.
- Lead the creation and maintenance of IT policies, procedures, and guidelines, ensuring these are kept up to date with regulatory changes and best practices.
- Communicate IT policies effectively across departments and ensure adherence through regular reviews and training.
Risk Management:
- Identify, assess, and mitigate IT-related risks in line with the organisation's risk appetite and regulatory requirements.
- Collaborate with IT and security teams to ensure effective risk management and control frameworks are in place.
- Conduct regular risk assessments and report findings to senior management, recommending risk mitigation strategies.
- Develop and maintain a risk register to document and monitor risks, their owners and treatment plans, ensuring timely resolution.
Compliance:
- Ensure compliance with all relevant IT and data security regulations (e.g., GDPR, PCI DSS).
- Conduct regular audits and assessments to verify compliance with internal and external requirements.
- Work closely with external auditors and regulatory bodies during reviews and inspections.
- Create and maintain compliance documentation, ensuring completeness and accuracy.
Internal Controls & Reporting:
- Design and implement internal controls to ensure the integrity, confidentiality, and availability of IT systems.
- Monitor compliance through key performance indicators (KPIs) and generate regular reports for senior management on governance, risk, and compliance metrics.
- Develop comprehensive GRC documentation and ensure continuous audit-readiness.
Awareness & Training:
- Provide ongoing training and awareness programs to staff on IT-related governance, risk, and compliance practices.
- Promote a culture of compliance and risk awareness across the organisation.
What You Bring:
- BSc/BA in Information Technology, Cybersecurity, Risk Management, or a related field.
- 3+ years of experience in IT Governance, Risk, and Compliance roles.
- Proven knowledge of IT GRC frameworks (ISO 27001, the NIST frameworks, etc.) and relevant regulatory requirements (GDPR, HIPAA, PCI DSS).
- Experience developing, implementing, and managing IT-related policies and procedures.
- Familiarity with risk assessment and mitigation practices, including maintaining risk registers.
- Strong understanding of internal controls and audit processes for IT systems.
- Excellent written and verbal communication skills, particularly in the context of policy documentation and training programs.
Preferred Skills
- Strong project management skills with the ability to lead and manage GRC-related initiatives.
- Experience working in a highly regulated industry such as finance, healthcare, or government.
- Ability to adapt to evolving regulatory landscapes and technology innovations.
Applicants must be EU/EFTA citizens, holders of a Cyprus work permit, or foreign nationals married to an EU citizen.
By joining us, you can expect:
Attractive remuneration package
Hybrid Work Mode
22 days of Annual Leave (reaching up to 30 days per year based on years’ service)
Friday afternoons off in Summer (July & August)
Birthdays are always a day off!
Referral Bonus – refer a candidate we would all enjoy working with!
Participation in the Company’s Medical Scheme from day one!
Participation in the Company’s Group Discount Scheme
Free Gym Membership (Larnaca)
Unlimited snacks, fruits, and beverages
Complimentary periodic lunches at the office
Fun team-building activities & Corporate events
Lifelong Learning Allowance plus paid Educational Leave
Who is HFM?
Established Broker since 2010 | 60+ Industry Awards | over 3,500,000 Live Accounts | 300+ Employees Globally | 40+ Different Nationalities |
At HFM, our workforce is our biggest asset. For this reason, we reward our employees’ individual talent and skills, and encourage them to reach their full potential in an engaging workplace that fosters excellence.
Kick off an exceptional career with HFM and follow the path to success!
Sounds like you? Come and write the next chapter with us through our Careers website: Governance, Risk & Compliance (GRC) Officer - IT Policies.
All applications will be treated as confidential.
HFM is an Equal Opportunity Employer.