Ensure compliance with internal IT policies, procedures, and external regulations. Identify gaps or risks and recommend actions to mitigate potential compliance issues.
Prepare comprehensive and detailed reports for the IT Governance team and the Executive Director of IT, providing insights on compliance status, risks, and opportunities for improvement.
Assist in reviewing and updating IT policies and procedures to reflect changes in regulatory requirements or operational needs. Ensure that all documentation is current and accessible.
Support internal and external audits by providing accurate data, documentation, and evidence of compliance. Work closely with auditors to address any findings or recommendations.
Conduct regular assessments of IT risk and compliance, ensuring QFIT’s IT services align with best practices and industry standards.
Work closely with cross-functional teams and service providers to ensure compliance requirements are understood and followed. Collaborate with the IT Governance team to implement and track compliance initiatives.
Track and analyse compliance metrics and KPIs to ensure that IT services meet contractual obligations and regulatory standards. Present findings clearly and concisely to the Executive Director of IT.
Collaborate with national regulatory agencies to stay informed about new regulatory requirements.
Maintain IT compliance with ISO 27001, NIA and any other relevant certifications.
Other reasonable tasks as assigned by the supervisor.
Minimum Knowledge, Skills & Experience:
Bachelor’s degree in Information Technology, Business Administration, or a related field and 2-5 years of relevant full-time work experience in IT compliance, governance, or a related discipline.
Strong understanding of regulatory frameworks such as GDPR, ISO 27001, and other IT compliance standards.
Excellent analytical, reporting, and communication skills.
Proficiency in report generation and data analysis tools.
Experience in an internal shared services environment.
Certification in IT Governance, Risk, or Compliance (e.g., CISM, CRISC).
Familiarity with IT audit processes and reporting requirements.
Excellent writing skills with the ability to draft and edit a variety of written reports and communications and to articulate ideas clearly and concisely; Arabic proficiency is an advantage.