IT Internal Auditor

About EveryPay

At EveryPay we are on a mission to build the digital financial infrastructure that underpins e-commerce in Greece empowering Marketplaces and Merchants to thrive.

We are a team of enthusiastic young people driven by our values to Empower Customers work as a Team Together Manage Risk and Get Stuff Done.

We are proud to have built the payments layer connecting most Greek Marketplaces and Merchants with world-class schemes like Visa and MasterCard. We service most Greek Marketplaces including Greeces largest and most successful marketplace: Skroutz.

Our systems connect to thousands of banks in Greece and abroad. Our tech processes tens of thousands of transactions every day thats billions worth of e-commerce. If you have bought something online in Greece chances are you have already used our payments product.

EveryPay is fully owned by the Skroutz Group of Companies and is both a Tech Company and a Regulated Financial Services Institution. Therefore you will be exposed to the world of the Tech Payments Sector and that of Financial Services.

How you will contribute to EveryPays vision

We are growing our Internal Audit Team and are looking for a talented IT Internal Auditor!

The Role

The IT Internal Auditor will contribute to the effective functioning of the Internal Audit activity by providing independent risk-based assurance over the Companys IT governance information security and technology risk management framework.

The role focuses on assessing the adequacy and effectiveness of IT-related internal controls policies and procedures in line with regulatory requirements and industry best practices. The position involves close collaboration with IT Information Security Risk Management Compliance and senior management within a highly regulated payments environment.

What you will be doing:

• Plan and perform risk-based IT audits including IT General Controls and application controls
• Assess the design and operating effectiveness of IT controls processes and systems
• Evaluate compliance with applicable regulatory and supervisory frameworks (e.g. DORA PSD2 EBA Guidelines ISO 27001)
• Review information security cyber risk ICT resilience and change management processes
• Prepare clear and well-documented audit reports including findings risk assessments and recommendations
• Perform follow-up reviews on the implementation of agreed audit actions and remediation plans
• Support the continuous improvement of the Internal Audit methodology and documentation
• Coordinate with other internal control functions and where applicable external auditors
• Provide advisory input on IT-related risks for new processes systems or products

What you need to succeed:

• BSc preferably in Information Technology Computer Science Engineering Finance or a related field.

• 3 years of professional experience in IT Audit.
• Strong knowledge of IT General Controls (access management change management IT operations).
• Understanding of the audit professional code of conduct and the Generally Accepted Auditing Standards
• Understanding of information security principles and cyber risk management
• Experience in a regulated environment preferably within financial services payments or fintech
• Familiarity with internal audit standards and risk-based audit methodologies
• Strong analytical skills attention to detail and ability to document findings clearly
• Effective communication and stakeholder management skills
• Tenacity and Ethics
• Excellent use of MS Office
• Excellent command of the English language (both written and spoken).

Whats it like to work at EveryPay

• Competitive full-time salary
• Private Family Medical Plan
• Monthly meal allowance
• Learning and development programs and access to relevant resources
• A flexible hybrid model of work
• Free Skroutz Plus subscription
• Free wellness subscription
• Being part of an environment that gives employees large goals autonomy and creates incredible opportunities both for you and the company!

Disclaimer:

EveryPay collects and processes personal data in accordance with the EU General Data Protection Regulation (GDPR). We are bound to use the information provided within your job application for recruitment purposes only and not to share these with any unauthorized third parties. Please read our Recruitment Privacy Policybelow.

Recruitment Privacy Policy

The CompanyEVERYPAY PAYMENT SERVICES SINGLE MEMBER SOCIETE ANONYME(hereinafter referred to as EVERYPAY) collects CVs and personal data in order to evaluate and select suitable candidates for potential employment.

In accordance with Regulation (EU) 2016/679 on the protection of personal dataEVERYPAYprovides you with the following information regarding the collection and processing of your personal data.

1. Data Collection

The personal data we collect is voluntarily submitted toEVERYPAYby you and includes the information contained in your CV and any accompanying documents. This data may include: full name contact phone number e-mail address educational and professional background etc.

2. Purpose

The data is processed solely for the purpose of evaluating your qualifications for potential employment within EVERYPAY.

3. Legal Basis

The legal basis for processing your personal data is your consent which is provided upon submission of your CV.

4. Data Recipients and Transfers

Your personal data will only be accessed by authorized personnel of EVERYPAY involved in the recruitment process. It will not be transferred to any third party or to any country outside the European Economic Area (EEA).

5. Data Retention

In case you do not enter into an employment relationship with EVERYPAY your personal data will be deleted permanently from our records unless you have provided your consent to retain your CV for future that case your data will be securely stored for up to two (2) years from the date of our last contact. EVERYPAY ensures that only authorized personnel have access to this data and that appropriate technical and organizational measures are in place to safeguard confidentiality and integrity.

6. Your Rights

You have the right to:

Withdraw your consent at any time (without affecting the lawfulness of processing carried out before withdrawal)

Request access to your personal data

Request rectification or erasure of your data

Restrict or object to the processing of your data

Request data portability

Lodge a complaint with the Hellenic Data Protection Authority ()

To exercise these rights you can contact us here: or at the address: 25-29 Karneadou 10675 Athens for the attention of: Data Protection Officer.

CONSENT FOR THE PROCESSING OF PERSONAL DATA
By submitting your CV you explicitly consent to the collection and processing of your personal data as described above. You may revoke this consent at any time by contacting us at: .

Required Experience:

IC