
Job Description:
- Make recommendations to stakeholders to create IT GRC policies that would improve internal control and security of the company
- Analyze existing policies and procedures, and develop oversight mechanisms to detect and address data leaks
- Manage and implement IT GRC policies for both internal and external stakeholders
- Develop and implement IT policies, procedures, and GRC strategies aligned with the organization's business objectives
- Ensure compliance with ISO 27001, SOC 2, HIPAA, PCI-DSS, NIST, GDPR, and other regulatory frameworks
- Oversee data privacy practices and protect information assets from cyber threats
Job Qualification:
- Minimum Bachelor's degree in IT, Computer science or related fields
- Minimum 4 years of experience in IT GRC and DPO
- Understanding of, and skill in, designing and implementing IT GRC and personal data protection policies
- Experience in implementing GDPR, SOC, ISO 27001, PCI-DSS, NIST, or other regulatory frameworks
- Familiar with and skilled in GRC platforms and tools (e.g. ZenGRC, OneTrust, Archer, etc.)
- Certification (CISSP, CISA, CISM, CRISC, CIPP, DPO) is a plus
Job ID: 141704411