Job Summary
Ensure end-to-end compliance with SBP regulations across IT, cybersecurity, outsourcing, data protection, and digital banking by developing, implementing, and monitoring IT policies, standards, and controls. Conduct IT risk assessments, compliance reviews, and gap analyses, and ensure timely closure of internal audit and SBP observations. Review IT outsourcing and vendor arrangements to ensure regulatory, contractual, and data security compliance. Support system implementations and enhancements by providing compliance input, overseeing UATs, and embedding regulatory requirements. Lead stakeholder coordination, team performance, and compliance awareness initiatives to strengthen the Bank’s IT risk and compliance culture.
Job Responsibilities
- Ensure compliance with SBP regulations, circulars, frameworks, and guidelines related to IT, cybersecurity, outsourcing, data protection, and digital banking.
- Develop, review, and maintain IT policies, standards, procedures, and guidelines in alignment with regulatory requirements and best practices.
- Ensure effective implementation and ongoing adherence to approved IT and information security policies across the organization.
- Conduct periodic reviews of the Bank’s IT systems to identify compliance gaps and associated risks.
- Perform IT risk assessments, gap analyses, and evaluate the effectiveness of existing controls.
- Review and assess IT-related outsourcing and vendor arrangements to ensure regulatory and contractual compliance.
- Ensure outsourcing agreements include mandatory clauses related to compliance, audit rights, data security, and business continuity.
- Identify, evaluate, investigate, and ensure timely resolution of IT compliance issues and concerns.
- Monitor IT compliance activities on a continuous basis and report on compliance status to relevant stakeholders.
- Coordinate with all stakeholders to provide compliance input, support User Acceptance Testing (UAT), and ensure regulatory requirements are embedded in system implementations.
- Represent the Compliance function during system developments and enhancement phases to ensure incorporation of regulatory and control requirements.
- Perform and/or oversee UATs to validate system functionality, regulatory compliance, and control effectiveness.
- Follow up on Internal Audit and SBP IT-related observations and ensure timely closure of findings.
- Coordinate with internal stakeholders to review and contribute to Requests for Proposals (RFPs), Functional Specification Documents, Agreements, Products and other system-related documentation.
- Conduct IT compliance and risk awareness training programs to promote a strong compliance culture across the Bank.
- Lead, mentor, and monitor team performance to ensure effective workload management, active participation, and continuous skill development.
Required Skills
- Prior work experience within an IT Compliance/IS Audit/IT Governance function.
- Excellent interpersonal, communication, and negotiation skills.
- Sound knowledge of SBP regulations.
- Excellent report writing and presentation skills.
- Knowledge of SBP regulation.
Qualification & Experiences:
- Bachelors/Masters in Software Engineering/Computer Sciences/IT
- Certifications like CISA/CISM/CGEIT will be preferred.
- Minimum 04 to 05 Years of experience at Senior level in a Commercial Bank / Microfinance Bank / Audit Firm