Announced
22/09/2024
Job Status
Full Time
Job Type
Employee
Expiration Date
22/02/2025
Job Category
Job Location
Job Title
IT Risk and Compliance Manager
Job Presentation
Responsibilities
- Develop and implement IT risk management frameworks, policies, and procedures in line with industry best practices and regulatory requirements.
- Identify, assess, and prioritize IT risks, ensuring appropriate mitigation strategies are in place.
- Conduct regular risk assessments and audits of IT infrastructure, applications, and third-party vendors.
- Oversee the implementation of risk controls and track remediation efforts to address identified vulnerabilities.
- Ensure that the organization’s IT practices comply with relevant regulations, standards, and industry frameworks (e.g., GDPR, SOX, PCI-DSS, ISO 27001, NIST).
- Monitor regulatory changes and industry trends to ensure timely updates to policies and procedures.
- Conduct internal compliance audits and coordinate with external auditors to ensure accurate and timely reporting.
- Maintain up-to-date documentation of IT compliance controls and practices, and prepare regular reports for senior management.
- Develop and enforce IT governance policies, ensuring alignment with the organization's risk management strategy and business objectives.
- Lead the development and implementation of security policies, disaster recovery plans, and business continuity strategies.
- Oversee IT governance committees and serve as the primary point of contact for IT-related regulatory bodies and auditors.
- Collaborate with internal departments (e.g., IT, Legal, Finance) and external partners (e.g., vendors, auditors) to manage IT risks and ensure compliance.
- Provide training and awareness programs for employees on IT risk management, data privacy, and compliance requirements.
- Act as the primary liaison between the IT department and business units for compliance and risk-related issues.
Qualifications
- Minimum of 8 years of experience in IT risk management, IT governance, or compliance roles, preferably within the financial sector or regulated industries.
- Strong knowledge of industry regulations, such as GDPR, PCI-DSS, SOX, and cybersecurity frameworks (e.g., ISO 27001, NIST).
- Experience in conducting risk assessments, audits, and implementing risk mitigation.
- Deep understanding of IT infrastructure, data protection, and cybersecurity principles.
- Strong analytical and problem-solving skills with the ability to manage multiple complex projects simultaneously.
- Excellent communication skills, with the ability to engage with technical and non-technical stakeholders.
- Certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent are highly desirable.
Required Skills
- Financial Risk
- Location Amman - Jordan
- Industry Information & Communication Technologies
- Job Type Full-Time
- Degree Bachelor
- Experience 8 - 12
- Nationality Unspecified