Compliance Discovery and Analysis

• Partner with the Group Compliance to identify and interpret new and existing technology-related regulatory requirements (e.g. Payment Service Act, PDPA, Resource Sustainability Act) and their impact on the organisation.
• Collaborate with Technology Leads to assess the applicability of these requirements to specific systems, applications, and processes.
• Conduct compliance gap assessments to discover areas where technology controls may not align with mandatory obligations.

Compliance Tracking and Remediation

• Establish and manage a central repository for tracking identified compliance gaps, their owners, and remediation timelines.
• Serve as the primary liaison between Technology teams and Group Compliance, facilitating discussions to ensure remediation plans are practical and effective.
• Monitor the progress of remediation activities, providing project management support to ensure deadlines are met and escalating roadblocks as needed.
• Serve as the primary liaison for internal and external IT audits, coordinating the process from planning and evidence gathering to validating management's remediation plans.

Compliance Reporting and Monitoring

• Develop and maintain data-driven dashboards and reports to provide clear visibility into the technology compliance posture.
• Automate the collection of control evidence where possible to support continuous monitoring and efficient reporting.
• Prepare regular status updates and formal reports for key forums, highlighting compliance status, remediation progress, and areas of concern.
• Coordinate key technology compliance programs and external assessments, such as PCI DSS and the Cyber Trust Mark (CTM).

Qualifications & Experience

• 5 to 8 years of relevant experience focused on Technology Compliance or Technology Audit.
• Proven, hands-on experience in identifying, tracking, and reporting on technology compliance gaps in a regulated environment.
• Strong working knowledge of key technology regulations and standards (e.g. MAS TRM, PDPA, PCI DSS).
• Demonstrated experience translating complex regulatory language into actionable requirements for technology teams.
• Exceptional stakeholder management skills, with a proven ability to partner effectively with senior leaders in both Technology and Group Compliance functions.
• Experience in developing metrics and dashboards to report on compliance status to senior management.
• A pragmatic and collaborative mindset, with a track record of driving compliance initiatives to completion.
• Professional certifications such as CISA or CGEIT are highly advantageous.