IT Policies & Compliance Manager

Job Purpose:

developing, implementing, and monitoring IT policies and ensuring compliance with regulatory and industry standards. This role ensures that the bank’s IT practices align with legal, security, and governance requirements, mitigating risks associated with IT operations.

Job Responsibilities:

• Design, review, and update IT policies and procedures to ensure alignment with legal, regulatory, and industry standards.
• Ensure policies cover key areas such as cybersecurity, data privacy, data governance, business continuity, and disaster recovery.
• Work with IT and business units to implement and enforce IT policies across the organization. :
• Ensure IT compliance with local and international regulations (e.g., GDPR, PCI DSS, ISO 27001, COBIT, NIST, Central Bank of Egypt regulations, etc.).
• Coordinate with internal and external auditors to support IT compliance audits.
• Monitor evolving regulatory landscapes and implement necessary adjustments to policies and procedures.
• Identify, assess, and mitigate IT-related compliance risks, ensuring adherence to regulatory frameworks.
• Work with IT risk teams to develop and implement risk management frameworks.
• Regularly review and test business continuity and disaster recovery (BCP/DR) plans to ensure compliance with IT governance requirements.
• Oversee the incident response process, ensuring swift reporting and remediation of IT security incidents.
• Ensure that data breaches and security incidents are handled per regulatory and internal policy requirements.
• Work with IT security teams to analyze root causes and implement preventive measures.
• Liaise with senior management, IT security teams, legal, and risk management departments to coordinate IT governance efforts.
• Provide guidance and training to IT staff and business units on IT policies, risk management, and compliance best practices.
• Serve as the primary point of contact for regulatory authorities and industry compliance bodies.
• Lead continuous improvement initiatives in IT governance, security, and compliance.
• Conduct regular reviews of IT practices to identify and address compliance gaps.
• Stay updated on emerging IT governance trends, industry best practices, and regulatory changes.
• Prepare regular reports for senior management on IT risk exposure, compliance issues, and policy effectiveness.
• Maintain comprehensive documentation of IT policies, compliance reports, risk assessments, and audit findings.

Job Qualifications :

• Bachelor's degree in Information Technology, Computer Science, Business Administration, accounting or a related field.
• Advanced certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), ITIL, or COBIT are highly preferred.
• Minimum 8+ years of experience in IT governance, compliance, risk management, or cybersecurity.
• Strong experience in developing IT policies, managing IT audits, and ensuring regulatory compliance.
• Proven track record in implementing IT governance frameworks and working with regulatory bodies.