We are seeking a Compliance Officer to lead and support cybersecurity, governance, and risk management initiatives across digital platforms and smart solutions. The role will focus on establishing, monitoring, and improving security and privacy practices, ensuring alignment with industry standards, international regulations, and organizational objectives. The Compliance Officer will serve as a focal point for all cybersecurity-related tasks, collaborating with internal teams, government stakeholders, and technology partners to build a robust cybersecurity framework and enhance security awareness across all platform operations.

Key Responsibilities

Governance & Audit

• Review and assess existing governance models, structures, and processes; define the baseline for compliance and security engagement activities.
• Define the targeted level of governance maturity and perform gap analysis against industry frameworks, standards, and models.
• Identify inconsistencies, overlaps, and gaps in governance structures and processes; map current operations and propose improvements.
• Develop a Plan of Action outlining prioritized activities, deliverables, and milestones to achieve the target state of the security framework.

Policy Enablement

• Implement and enforce security policies across key areas such as Digital Identification, Global Security, Information Classification, IoT Security, and Organizational Governance.
• Ensure policies are applied consistently to platform use cases and services.
• Collaborate with technology partners on defining Cloud-based Security Control Frameworks to facilitate policy compliance and adoption.

Awareness & Training

• Develop and maintain an ongoing security awareness program for platform operators and key personnel.
• Assemble and manage the Security Awareness Team, defining roles, responsibilities, and training requirements for stakeholders at all levels.
• Deliver training content focused on policies, standards, procedures, and best practices to ensure high-level, daily security awareness.

Risk Management

• Maintain and refresh the risk register, identifying points of risk acceptance, escalation paths, and ownership.
• Establish the organization’s risk appetite and perform risk identification, analysis, and documentation.
• Support continuous improvement of security operations by providing guidelines for governance, controls, and situational awareness.

Privacy & Regulatory Compliance

• Maintain expertise in regulatory frameworks such as GDPR, HIPAA, FFIEC, PCI, and CJIS.
• Map services and processes to these regulations to ensure information integrity, confidentiality, and availability.
• Support privacy-related activities in coordination with incident management to detect unauthorized access, enforce protective measures, and manage potential data leaks.

Skills & Abilities

• Excellent interpersonal, communication, and presentation skills.
• Strong customer orientation and ability to engage multiple stakeholders.
• Solid understanding of technology, cybersecurity frameworks, and relevant solutions.
• Ability to analyze complex risk and compliance scenarios and provide actionable recommendations.
• Knowledge of industry best practices in governance, security, privacy, and risk management.