IT Risk & Compliance Manager

The IT Risk & Compliance Manager is responsible to develop & lead the IT compliance management practice for the effective management & implementation of IT processes & deliverables in terms of compliance, efficiency, management and control. This includes developing and maintaining the compliance methodology of IT processes to reinforce adherence to IT governance standards and policies, and to ensure compliance concerns within IT are being appropriately evaluated, investigated & resolved.

• Manage IT compliance capability with the objective of raising compliance awareness & improving compliance level within IT.
• Direct various compliance programs, proactively identify challenges & develop, recommend & implement appropriate improvements to ensure ownership & remediation of regulatory requirements.
• Establish new programs and/or recommend the adoption of new or modified policies/procedures based on the evolving regulatory landscape.

• Coordinate IT audit and/or compliance process with Internal & external auditors, IT & operational risk management teams, and Compliance team.
• Review previous IT internal & external audit and/or compliance findings & track for timely & satisfactory resolution.
• Objectively review & evaluate performed processes, work products & services through periodic compliance checks and independent assessment / friendly audit against key internal IT controls to identify compliance risks/ gaps & recommend areas for improvements.
• Identify & analyze external regulatory/compliance requirements for their IT impact & work with respective IT stakeholders to take appropriate measures in complying with them.
• Coordinate, document & communicate all compliance process improvement activities within IT.

• Promote & support a culture of compliance, risk avoidance/mitigation & corporate accountability throughout IT organization.
• Raise awareness & provide advisory to IT staff on IT policies & guidelines to promote compliance.

• Central party to manage & coordinate all periodic compliance reporting/ assessment requirements.
• Provide efficient administrative support functions within the department.
• Ensure accurate compilation & submission of management reporting.

• Professional IT qualification or IT degree, or its equivalent.
• 10 years of hands‑on IT technical experience, and overall IT processes & services.
• At least 5 years related experience in managing and monitoring compliance‑related matters with thorough understanding of the IT landscape.
• At least 5 years of experience in conducting IT audit, compliance check and independent assessments.

• CISA (IT Audit)
• BNM GPIS
• MAS TRM
• PCI‑DSS

We appreciate your application and will be in touch with shortlisted candidates regarding next steps.