About the Role
We are seeking a seasoned IT Governance, Risk and Compliance Manager to lead our efforts in ensuring the effective management of IT risks and ensuring compliance with relevant regulations.
Key Responsibilities
* Develop and maintain an IT governance framework aligned with our strategic objectives.
* Collaborate with stakeholders to define IT policies, standards, and procedures.
* Monitor key performance indicators (KPIs) and produce reports to assess the effectiveness of IT governance.
* Ensure timely reporting to the Head of IT.
* IDentify, assess, and prioritize risks relating to information systems and digital infrastructures.
* Implement and monitor risk mitigation plans.
* Carry out impact analyses and propose solutions to strengthen IT resilience.
* Ensure compliance with standards such as ISO 27001, RGPD, PCI-DSS, and other applicable regulations.
* Organize and supervise internal and external IT audits.
* Maintain complete and up-to-date documentation of compliance processes.
* Work with cybersecurity teams to integrate necessary controls into IT systems.
* IDentify vulnerabilities and propose improvements to minimize security risks.
* Train employees in good IT security and compliance practices.
* Serve as a key liaison between IT teams, business departments, and senior management.
* Organize awareness sessions on IT risks and compliance requirements.
* Prepare regular reports to inform management of progress and potential risks.
Required Qualifications and Skills
* Masters degree in computer science, information systems management, or equivalent.
* Relevant certifications, such as CISM, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor.
Benefits
* Minimum 5 years experience in a similar role or in IT risk management, compliance, or information security.
* Experience in project management and coordination with multidisciplinary teams.
What We Offer
* Analytical skills.
* Good interpersonal skills.
* Teamwork and collaboration.
Knowledge of IT governance frameworks, IT risk management, cybersecurity, and GRC tools is highly desirable.