This role involves developing and implementing IT governance frameworks, conducting compliance assessments, and collaborating with cross-functional teams to maintain a secure and compliant IT & Digital environment. The specialist will work closely with IT & Digital leadership, legal, risk management, and other stakeholders to mitigate risks and uphold the integrity of the organization's IT systems.

Responsibilities

  Ø IT Governance Frameworks: Develop, implement, and maintain IT governance frameworks, ensuring that they address the organization's strategic goals, risk tolerance, and regulatory obligations.

 Ø Compliance Assessments: Conduct regular assessments of IT systems, processes, and policies to ensure compliance with relevant regulations such as GDPR, HIPAA, SOX, and industry standards like ISO 27001.

 Ø Risk Management: Identify potential IT risks and vulnerabilities and collaborate with the IT security team to implement mitigation strategies that align with the organization's risk appetite.

 Ø Policy Development: Create and update IT policies, procedures, and guidelines to reflect changes in regulations and industry best practices. Ensure these documents are easily accessible and understood by relevant stakeholders.

 Ø Audits and Reporting: Coordinate and facilitate internal and external audits related to IT governance and compliance. Prepare detailed reports of findings, recommendations, and action plans for remediation.

 Ø Training and Awareness: Conduct training sessions and awareness programs to educate employees about IT governance, compliance requirements, and security best practices.

 Ø Vendor Management: Evaluate and ensure that third-party vendors and service providers adhere to the organization's IT compliance standards.

 Ø Incident Response: Collaborate with the incident response team to manage and respond to IT compliance-related incidents, ensuring appropriate communication and resolution.

 Ø Continuous Improvement: Stay informed about the latest developments in IT regulations, standards, and security practices. Continuously enhance the organization's IT governance and compliance program accordingly.

 Ø Cross-functional Collaboration: Work closely with legal, internal audit, risk management, and IT teams to align IT governance and compliance efforts with broader organizational objectives.

 Documentation: Maintain accurate and up-to-date records of IT governance activities, compliance assessments, audit reports, and related documentation.

Experience

2-7 Years

Qualifications

Ø Bachelor's degree in Information Technology, Computer Science, or a related field (Master's degree preferred).

Ø Relevant industry certifications such as ISO 27001 LA/ LI, CISA, CISM, CISSP, CCSP or CGEIT.

Ø Strong understanding of IT governance frameworks, compliance regulations, and security best practices.

Ø Experience in conducting IT compliance assessments, audits, and risk assessments.

Ø Familiarity with data privacy regulations and their implications for IT systems.

Ø Excellent communication skills for collaborating with cross-functional teams and presenting findings to both technical and non-technical audiences.

Ø Analytical mindset with the ability to identify risks and propose effective solutions.

Ø Detail-oriented and able to manage multiple projects simultaneously.

Ø Knowledge of ITIL (Information Technology Infrastructure Library) framework is a plus.

Ø Previous experience in IT governance, compliance, or risk management roles is highly desirable.