Current vacancies

Responsibilities

• Develop, maintain, and enforce IT policies, standards, and procedures
• Define and manage the IT governance framework aligned with business objectives
• Develop and maintain IT risk management methodologies and processes
• Conduct regular IT risk assessments, identifying threats, vulnerabilities, and control gaps
• Maintain an IT risk register and track mitigation actions
• Perform Business Impact Analysis (BIA) and support Disaster Recovery/BCP planning
• Ensure compliance with internal and external requirements (ISO 27001, GDPR, SOC2, local regulations, etc.)
• Coordinate and support internal and external audits
• Track remediation of audit findings and compliance issues
• Evaluate third-party risks and maintain vendor risk assessments
• Ensure vendors comply with security and contractual requirements
• Drive the company’s preparation and compliance for international standards and certifications (e.g. ISO 27001, SOC 2, Cyber Trust Mark by CSA)
• Promote a culture of IT risk awareness across the firm

Qualifications and requirements

• At least 2 to 5 years of relevant experience in IT Governance, IT Audit and Risk Management
• Experience with IT frameworks such as ISO 27001, COBIT, NIST, CIS Benchmarks, or ITIL
• Experience with governance platforms or GRC tools (e.g. Drata, GRC, Archer, OneTrust)
• Strong understanding of IT processes, systems, networks, and infrastructure
• Able to work independently, good communication skill, multi-task, and a team player
• Excellent documentation and report-writing skills
• Willingness to learn new frameworks and adapt to compliance changes

If you are interested in this exciting opportunity, please complete the Job Application Form and indicate 167 in the Job ID field. An email will be sent to you within 10-15 minutes for you to submit your CV/resume.