Roles and responsibilities
The IT Compliance and Reporting Specialist will be responsible for ensuring IT compliance with policies, regulations, and best practices, while providing strategic insights and high-quality reports to support governance and maintain efficient IT services.
Key Result Areas:
- Ensure compliance with internal IT policies, procedures, and external regulations. Identify gaps or risks and recommend actions to mitigate potential compliance issues.
- Prepare comprehensive and detailed reports for the IT Governance team and the Executive Director of IT, providing insights on compliance status, risks, and opportunities for improvement.
- Assist in reviewing and updating IT policies and procedures to reflect changes in regulatory requirements or operational needs. Ensure that all documentation is current and accessible.
- Support internal and external audits by providing accurate data, documentation, and evidence of compliance. Work closely with auditors to address any findings or recommendations.
- Conduct regular assessments of IT risk and compliance, ensuring QFIT’s IT services align with best practices and industry standards.
- Work closely with cross-functional teams and service providers to ensure compliance requirements are understood and followed. Collaborate with the IT Governance team to implement and track compliance initiatives.
- Track and analyse compliance metrics and KPIs to ensure that IT services meet contractual obligations and regulatory standards. Present findings clearly and concisely to the Executive Director of IT.
- Collaborate with national regulatory agencies to stay informed about new regulatory requirements.
- Maintain IT compliance with ISO 27001, NIA and any other relevant certifications.
- Other reasonable tasks as assigned by the supervisor.
Desired candidate profile
- Bachelor’s degree in Information Technology, Business Administration, or a related field and 2-5 years of relevant full-time work experience in IT compliance, governance, or a related discipline.
- Strong understanding of regulatory frameworks such as GDPR, ISO 27001, and other IT compliance standards.
- Excellent analytical, reporting, and communication skills.
- Proficiency in report generation and data analysis tools.
- Experience in an internal shared services environment.
- Certification in IT Governance, Risk, or Compliance (e.g., CISM, CRISC).
- Familiarity with IT audit processes and reporting requirements.
- Excellent writing skills with the ability to draft and edit a variety of written reports and communications and to articulate ideas clearly and concisely; Arabic proficiency is an advantage.
- Proficiency in MS Office applications.