To act as the main contact point with regulators and external parties on IT compliance matters, and to prepare and manage IT-related compliance documentation. This role also ensures that the company’s IT systems and payment services comply with applicable regulations and industry standards.
Job description:
Act as the main liaison with regulators or third parties on IT compliance issues
Monitor IT operations and ensure compliance with regulatory requirements (e.g., BOT, PDPA, PCI-DSS, ISO 27001)
Prepare and maintain IT-related compliance documentation and reports as required by regulators and applicable laws
Coordinate IT audits and support regulatory inspections or external reviews
Work with internal teams (IT expat, Legal, Risk) to address compliance gaps and implement necessary controls
Support incident reporting and remediation plans related to data or system security
Qualifications:
Bachelor’s degree or higher in IT, Computer Science, Information Security, MIS or a related field
Minimum 5 years of experience in IT compliance, IT audit, or IT security, preferably in financial services, fintech, or regulated industries
Strong knowledge of BOT regulations, PDPA, PCI-DSS, ISO 27001, or other relevant frameworks and standards
Proven experience working with regulators, external auditors, or legal authorities on IT compliance or technology risk matters
Good command of English (written and spoken)
Excellent documentation, reporting, policy-writing and communication skills.
Demonstrated ability to lead cross-functional projects and coordinate with internal and external stakeholders
Professional certifications such as CISA, CISSP, or ISO 27001 Lead Auditor are a plus.
Experience with MNCs or regional companies will be given special consideration.