-
Develop, implement, and maintain IT risk and compliance frameworks, policies, and procedures.
-
Perform risk assessments, control testing, and compliance reviews across IT systems and processes.
-
Monitor and track regulatory requirements, ensuring compliance with ISO, PCI-DSS, and other relevant standards.
-
Partner with IT and business stakeholders to assess risks, identify gaps, and recommend remediation plans.
-
Prepare risk and compliance reports for senior management and regulatory bodies.
-
Support internal and external audits, ensuring timely resolution of findings.
-
Drive awareness and training programs to strengthen compliance culture across the organization.
-
Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field.
-
Proven experience in IT risk management, compliance, or IT audit (financial services or regulated industries preferred).
-
Strong understanding of regulatory and industry frameworks (e.g., MAS TRM, NIST, ISO27001, PCI-DSS, COBIT).
-
Excellent analytical, problem-solving, and stakeholder management skills.
-
Strong communication skills, with the ability to present technical information to non-technical stakeholders.
-
Relevant certifications such as CISA, CRISC, CISM, CISSP, ISO27001 Lead Auditor/Implementer would be an advantage.
