Job Purpose:

The Technology Risk and Compliance person is responsible for overseeing, managing, and ensuring the effectiveness of technology risk management and compliance practices. This role involves providing strategic leadership, guidance, and oversight to identify, assess, mitigate, and monitor technology-related risks and ensure compliance with applicable regulatory frameworks, standards, and internal policies.

Key Responsibilities:

Strategic Leadership:

• Develop and implement a comprehensive technology risk and compliance strategy aligned with organizational objectives.
• Provide strategic guidance on managing technology risk exposure and compliance frameworks.

Risk Management:

• Lead the identification, assessment, and prioritization of technology risks.
• Develop and maintain a technology risk register, ensuring continuous updating and monitoring.
• Oversee risk mitigation planning, monitoring the implementation and effectiveness of controls.

Compliance Management:

• Ensure IT compliance with relevant regulations, industry standards (ISO, PCI-DSS, GDPR, etc.), and organizational policies.
• Monitor and evaluate changes in regulatory requirements and ensure effective communication and implementation across the organization.
• Coordinate internal and external technology audits and ensure timely remediation of identified gaps.

Policy and Governance:

• Develop, maintain, and communicate technology risk and compliance policies and procedures.
• Ensure policies and procedures are effectively integrated into operational practices across all IT units.

Stakeholder Engagement and Reporting:

• Regularly report technology risk and compliance statuses to senior management, providing clear visibility on risk posture, compliance status, and key improvement areas.
• Build effective relationships with internal stakeholders, auditors, regulators, and external partners.

Team Leadership and Development:

• Provide effective leadership, coaching, and mentoring to the Technology Risk and Compliance team.
• Foster a collaborative environment, encouraging professional growth and capability development within the team.

Continuous Improvement:

• Drive continuous improvement in technology risk and compliance processes and practices through regular reviews and benchmarking against industry best practices.
• Encourage innovation in managing technology risks and compliance using advanced analytics, tools, and methodologies.

Qualifications:

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field; advanced degrees or professional certifications (CISA, CRISC, CISSP, CISM) preferred.

Experience:

• Minimum of 5 years of experience in IT risk management, compliance, audit, or related roles.
• Proven track record in leadership roles managing technology risk and compliance functions.
• Deep understanding of technology governance frameworks, risk assessment methodologies, regulatory compliance standards, and control implementation.

Key Skillsets (3 - 5 skillsets):

• Strong leadership and strategic thinking skills. 
• Vendor Management skill for managing multiple Managed Service Providers.
• Excellent communication, presentation, and stakeholder management capabilities.
• Strong analytical, problem-solving, and decision-making skills.
• Extensive knowledge of regulatory frameworks, compliance requirements, and best practices in technology risk management.
• Ability to effectively manage and motivate teams to achieve high performance.