IT Compliance Lead

Key Responsibility:

• Lead information security compliance within RayaCX organization including all sites and divisions.
• Lead the implementation, acquiring and certification readiness, and maintenance of ISO/IEC 27001.
• Ensure ongoing compliance with PCI DSS, GDPR, NIST and SOC 2 and other information security frameworks and requirements.
• Work closely with IT, Security, Operations, and other teams to ensure controls are implemented effectively.
• Drive governance, risk management, and compliance (GRC) initiatives across RCX.
• Audit and enforce IT compliance policies, procedures, and control frameworks.
• Support training programs related to information security, compliance, and resilience.
• Develop compliance dashboards, KPIs, and management reports.
• Govern the design, implementation, and maintenance of IT Disaster Recovery Plans (DRPs).
• Develop and maintain IT-related Business Continuity Plans (BCPs).
• Work with IT information cybersecurity department closely on client's requirements.
• Coordinate and lead BCP, risk assessments and DR testing exercises, documenting results and tracking improvements.
• Reduced IT risks and improved control effectiveness.
• Auditing IT risk assessments and compliance gap analyses across systems, infrastructure, and processes.
• Define and implement control measures to mitigate identified risks and compliance gaps.
• Ensure no risk or audit finding is closed without proper evidence, ownership, and validation.
• Plan, lead and execute internal audits, external audits, and certification audits.
• Act as the main focal point for IT compliance during client and regulatory audits.
• Track audit findings, define corrective actions, and ensure timely remediation.
• Develop, maintain, and enforce policies, procedures, and standards across the organization.
  
  
  

Qualifications: Strong analytical -risk assessment skills -Result Orientation -Operational Awareness -Building Networks- Ability to translate compliance requirements into operational controls-Client interfacing communication skills.

Strong understanding of regulatory requirements, risk management frameworks, and industry best practices.

Strong audit performance with minimal findings.