IT Compliance Manager needed at Kazang

Key Responsibilities include, but are not limited to:

• Develop and implement IT compliance policies and procedures, as well as updating and ensuring policy and policy documents adhere to current processes.
• Maintain scheduling and conduct quarterly audits and assessments to ensure compliance with regulatory requirements. Innovate and automate these and other reviews where possible.
• Collaborate and facilitate with both internal and external auditors, managing walkthroughs and evidence gathering.
• Audit remediation scheduling, tracking and signoff.
• Develop and manage IT risk management programs, including risk assessments and mitigation strategies including maintaining Risk and Control Matrix’s (RACM’s) for all systems.
• Schedule, track and ensure BCP and change management processes are in place, being followed and tested.
• Monitor and report on the status of all IT compliance programs to management.
• Provide guidance and training to IT staff and other departments on compliance-related issues, including tracking and remediation of staff awareness training.
• Investigate and resolve compliance violations and issues.

In order to be considered for this position, the following requirements must be met:

• Bachelor’s degree in information technology, Computer Science, or a related field.
• Minimum of 5 years of experience in IT compliance, IT audit, or a related field.
• Proven track record of managing IT compliance programs and conducting audits.
• Experience in developing and implementing IT compliance policies and procedures.
• In-depth understanding of relevant IT regulations and standards, such as the Sarbanes–Oxley Act (SOX) and Protection of Personal Information Act (POPI Act) – POPIA.
• Familiarity with industry best practices and compliance frameworks.
• Experience with IT risk management, including conducting risk assessments and developing mitigation strategies.
• Ability to identify, assess, and prioritize risks, and implement measures to mitigate them.

Competencies required:

• Knowledge of IT governance frameworks such as ITIL.
• Understanding of cybersecurity principles, practices and frameworks such as CIS Controls and NIST CSF.
• Proficiency in using compliance management and audit tools.