IT Risk & Compliance Officer

Job Summary:

The Risk & Compliance Officer is responsible for ensuring that the organization adheres to legal, regulatory, and internal compliance requirements. This role involves identifying, assessing, and mitigating risks while developing and implementing policies and strategies that safeguard the organization's integrity and reputation. The Risk & Compliance Officer works closely with various departments to foster a culture of compliance and risk awareness throughout the organization.

Key Responsibilities:

• Risk Assessment: Identify and assess IT risks across the organization. Develop and maintain a risk register to monitor identified risks.
• Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, NIS2, DORA, ISO standards). Keep abreast of changes in legislation and compliance requirements that may impact the organization.
• Policy Development: Develop, implement, and communicate compliance policies and procedures. Ensure that policies reflect current laws and regulatory requirements and are effectively communicated across the organization.
• Audits and Assessments: Conduct regular audits and assessments to evaluate compliance with policies, procedures, and standards. Prepare reports for management and relevant stakeholders.
• Training and Awareness: Develop and deliver training programs to educate employees on compliance and risk management practices. Foster a culture of compliance and ethics within the organization.
• Incident Management: Assess and investigate compliance violations and incidents. Work with relevant stakeholders to remediate issues and implement corrective actions.
• Reporting: Prepare and present comprehensive reports on compliance status, risk assessments, and audit findings to senior management and the board of directors.
• Collaboration: Collaborate with internal stakeholders (e.g., legal, HR, IT) to ensure alignment on compliance initiatives and risk management strategies.
• External Relations: Liaise with regulatory authorities and external auditors as necessary, maintaining strong relationships and ensuring timely responses to inquiries.

Required Skills and Qualifications:

• Education: Bachelor’s degree in business administration, Finance, Law, Risk Management, or a related field; advanced degree or relevant certifications preferred.
• Experience: Minimum of 5 years of experience in risk management, compliance, or audit roles, preferably in a regulated industry (e.g., finance, healthcare, manufacturing).
• Certifications: Relevant certifications such as Certified Compliance and Ethics Professional (CCEP), Certified Risk Manager (CRM), or Certified Internal Auditor (CIA) are highly desirable.
• Knowledge: Strong understanding of risk management frameworks, compliance laws, and regulatory requirements that pertain to the industry.
• Analytical Skills: Excellent analytical and problem-solving skills with the ability to evaluate complex information and make informed decisions.
• Communication Skills: Outstanding verbal and written communication skills to effectively present findings and recommendations to senior management and stakeholders.
• Attention to Detail: Strong attention to detail and organizational skills to manage multiple projects and priorities effectively.

Desired Attributes:

• Integrity: High ethical standards with a commitment to upholding compliance and risk management practices.
• Proactive Mindset: Ability to anticipate risks and compliance challenges; proactive in developing solutions and implementing best practices.
• Team Player: Strong interpersonal skills to work collaboratively across departments and teams.
• Adaptability: Capacity to adapt to a dynamic regulatory environment and the changing needs of the organization.