IT Compliance Analyst

As an IT Compliance Analyst at Dautom, you will play a critical role in ensuring that the organization’s IT systems, processes, and services comply with both current and emerging standards, including information security, IT service management, and AI governance. Your responsibilities will include conducting compliance reviews, risk assessments, audits, and reporting key performance indicators (KPIs) to support continuous improvement and alignment with evolving regulatory and industry requirements.

Key Responsibilities:

• Standard Management: Ensure compliance of IT systems and processes with standards such as ISO 27001, ISO 20000, ISR, PCI DSS, ITIL, and AI compliance requirements. Document and periodically review related policies and procedures.
• Risk Management: Conduct IT risk assessments to identify potential security and service risks. Collaborate with process and system owners to implement and monitor effective controls.
• Audit Management: Identify non-compliance issues, prepare root cause analyses, and ensure timely development and implementation of remediation plans. Participate in all internal and external IT audits.
• Training & Awareness: Develop and deliver training programs on information security and IT service management best practices, fostering a culture of compliance.
• Performance Monitoring & Reporting: Define, measure, and report IT compliance and control effectiveness metrics to management. Develop dashboards and reports using Power BI or similar tools.
• Process Controls & Continuous Improvement: Coordinate with process owners to ensure the implementation and maintenance of IT internal controls, working with relevant stakeholders to remediate identified deficiencies.
• GRC System Management: Utilize GRC tools to automate audit findings tracking, remediation management, risk assessments, and policy lifecycle reviews.

Required Skills & Qualifications:

• Educational Background: Bachelor’s degree in information technology, Computer Science, or a related field.
• Experience: 5 years of experience in IT Governance, Risk management, or a similar role.
• Technical Knowledge: Proficient in Word, Excel, PowerPoint, MS Visio, ITSM tools, Power BI, and GRC tools. Familiarity with IT systems cybersecurity principles and IT compliance frameworks.
• Communication Skills: Excellent verbal and written communication skills for reporting, audit coordination, and training purposes.
• Certifications (Preferred): CISA, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor, ITIL Foundation, or other relevant IT governance, risk, security, or compliance certifications.

Work Conditions:

• On-site
• Full-time

Language Requirements:

• Excellent proficiency in English (additional languages may be advantageous).