The IT Compliance Manager is responsible for ensuring that IT systems and processes adhere to regulatory requirements and internal policies through audits and risk management activities. Reporting to the Head of IT Strategic Management, this role collaborates across IT divisions to uphold compliance standards and safeguard against legal and operational risks. Lead IT compliance governance by coordinating internal and external audits (e.g. ITGC, BNM reviews), monitoring regulatory changes, and working with IT, business, and security teams to manage risks, maintain documentation, and provide compliance reporting to support business continuity and integrity.
Requirements & Responsibilities
- Bachelor's Degree in IT, Computer Science, Cybersecurity, Business Administration, Law, or related field (advanced degrees are an advantage).
- Minimum 8 years of experience in IT Compliance, Risk Management, IT Audit, or Information Security.
- Experience in developing compliance programs, conducting IT audits, and managing regulatory requirements.
- Strong ability to collaborate with IT, CTO offices, and cross-functional stakeholders.
- Relevant certifications such as CISA, CISM, CRISC, CDPSE, or other compliance-related certifications (e.g. CRCM, CCP) are advantageous.
- Act as the liaison for internal and external IT audits (e.g. ITGC, BNM reviews), ensuring smooth coordination and communication between stakeholders.
- Coordinate audit evidence collection and support timely remediation of audit findings.
- Monitor changes in IT-related laws, regulations, and industry standards (e.g. GDPR, HIPAA, PCI DSS, SOX) to assess impact on the organisation.
- Develop and implement IT compliance policies and controls, conduct internal reviews and risk assessments, collaborate with IT and business teams on mitigation actions, and lead compliance training to strengthen awareness and regulatory alignment.
- Maintain compliance governance by managing documentation, supporting IT project reviews, coordinating with regulators and auditors, preparing compliance reports, monitoring incidents, driving process improvements, and aligning compliance efforts with IT security and business continuity initiatives.
