IT: Governance Risk and Compliance

Job Description

• Develop and implement IT governance frameworks that align IT goals with business objectives
• Lead a team to achieve and maintain certain certifications based on company needs e.g., ISO 27001,PCI-DSS
• Ensure that IT processes, policies, and standards are followed across the organization
• Collaborate with senior leadership to define and improve IT governance strategies
• Assist in the evaluation and implementation of IT management tools and systems
• Identify, assess, and prioritize IT risks (e.g., cybersecurity risks, data breaches, system vulnerabilities)
• Develop risk management strategies and mitigation plans to minimize potential IT threats
• Monitor and assess the effectiveness of risk controls, and report on key IT risk indicators
• Lead or support incident response and recovery efforts when IT risks materialize
• Ensure compliance with applicable laws, regulations, and industry standards
• Develop, implement, and maintain IT compliance policies and procedures
• Conduct regular audits and assessments to ensure compliance with internal and external regulations
• Liaise with regulatory bodies and ensure timely reporting and certification as required
• Stay current on industry trends and new IT GRC tools or methodologies

Minimum Qualifications

• Bachelors degree in Information Technology, Cybersecurity, Risk Management, or a related field
• Has up to 5 years of experience in IT field, with a focus on governance, risk management, compliance, or security.
• Strong understanding of IT governance frameworks e.g., COBIT, ITIL
• Experience with risk management methodologies e.g., ISO 27001
• Certifications such as CISA, CRISC, CISSP are preferred
• Experience with IT audit processes and tools
• Strong communication and have ability to cross functional collaboration with various departments, including IT, legal, security, and business teams