Turn regulation into clear, workable processes. You will analyse DORA and related ICT‑risk requirements, model how work should flow across teams and ensure our evidence is audit‑ready—partnering with Product & Engineering and SRE in our CORE environment.

Job Responsibilities

• Interpret DORA obligations and translate them into practical policies, controls and procedures
• Map critical/important functions and supporting assets; maintain the ICT risk register and control library
• Model end‑to‑end processes using BPMN/UML (e.g., incident, change, third‑party, backup/restore, monitoring)
• Define incident classification, escalation and reporting workflows; coordinate testing of playbooks
• Support resilience topics (BIA inputs, recovery objectives, continuity/dr drills) with SRE and Security
• Strengthen third‑party/outsourcing oversight: due diligence inputs, register updates and monitoring cadence
• Specify evidence requirements; keep artefacts organised (approvals, logs, test results, reviews)
• Work with engineering leads to embed controls into SDLC, CI/CD and operations (“security first” by design)
• Track remediation of findings; provide status reporting and clear, action‑oriented recommendations
• Contribute to staff awareness and briefings; create concise guidance and checklists for teams

Key Tools and Frameworks

• BPMN and UML for process/diagram modelling
• Risk management concepts (impact/likelihood, control effectiveness)
• DORA knowledge; familiarity with related frameworks (e.g., ISO 27001/22301, NIS2) is a plus
• Jira/Confluence (or similar) for registers, workflows and documentation
• Basic data handling and evidence management practices (versioning, approvals, retention)

Qualifications

• 3+ years in regulatory/process analysis within ICT, operations or security
• Hands‑on BPMN/UML process modelling and documentation discipline
• Working knowledge of DORA requirements (ICT risk, incident, third‑party, testing, governance)
• Comfortable partnering with senior engineers and architects; able to challenge and clarify
• Strong English communication; clear, concise writing and stakeholder management
• Ability to work on‑site in Limassol; hybrid may be possible after probation
• Certifications such as BPMN Professional or ITIL Intermediate are a plus

We encourage applications from all qualified candidates and provide reasonable accommodations on request (email [email protected]).

Other Skills

• Structured, analytical thinker with a pragmatic, delivery‑oriented approach
• High attention to detail and organisation; audit‑ready documentation mindset
• Calm under deadlines; able to prioritise risks and drive decisions with evidence
• Collaborative style across technical and non‑technical teams