IT Compliance Manager

A vacancy exists for an IT Compliance Manager within the Micro Merchant Division – Kazang, in Cape Town, Century City.

The IT Compliance Manager is responsible for ensuring that the company’s IT systems and processes comply with regulatory requirements and internal policies.

This role involves developing, implementing, and monitoring compliance programs, conducting risk assessments, and ensuring that IT operations adhere to industry standards and legal requirements.

The IT Compliance Manager will work closely with various departments to identify compliance issues and implement corrective actions.

Stay current with changes in IT regulations and standards and assess their impact on the company.

Work with legal and other departments to address compliance issues related to third-party integrations, vendors and partners.

Prepare and present compliance reports to management.

Asset management and inventory tracking for all IT related systems.

Key Responsibilities include, but are not limited to:

  • Develop and implement IT compliance policies and procedures, as well as updating them and ensuring that policies and policy documents adhere to current processes.
  • Maintain scheduling and conduct quarterly audits and assessments to ensure compliance with regulatory requirements. Innovate and automate these and other reviews where possible.
  • Collaborate with and facilitate both internal and external auditors, managing walkthroughs and evidence gathering.
  • Audit remediation scheduling, tracking and signoff.
  • Develop and manage IT risk management programs, including risk assessments and mitigation strategies, and maintaining Risk and Control Matrices (RACMs) for all systems.
  • Schedule, track and ensure BCP and change management processes are in place, being followed and tested.
  • Monitor and report on the status of all IT compliance programs to management.
  • Provide guidance and training to IT staff and other departments on compliance-related issues, including tracking and remediation of staff awareness training.
  • Investigate and resolve compliance violations and issues.

In order to be considered for this position, the following requirements must be met:

  • Bachelor’s degree in Information Technology, Computer Science, or a related field.
  • Minimum of 5 years of experience in IT compliance, IT audit, or a related field.
  • Proven track record of managing IT compliance programs and conducting audits.
  • Experience in developing and implementing IT compliance policies and procedures.
  • In-depth understanding of relevant IT regulations and standards, such as the Sarbanes–Oxley Act (SOX) and the Protection of Personal Information Act (POPI Act, or POPIA).
  • Familiarity with industry best practices and compliance frameworks.
  • Experience with IT risk management, including conducting risk assessments and developing mitigation strategies.
  • Ability to identify, assess, and prioritize risks, and implement measures to mitigate them.

Competencies required:

  • Knowledge of IT governance frameworks such as ITIL.
  • Understanding of cybersecurity principles, practices and frameworks such as CIS Controls and NIST CSF.
  • Proficiency in using compliance management and audit tools.