We are looking for an experienced IT Governance, Risk & Compliance (GRC) Manager to lead the organisation's ICT governance framework and strengthen technology risk management, regulatory compliance, and operational resilience.
This role is ideal for someone who enjoys working at the intersection of technology, cybersecurity, governance, and regulatory compliance. You will collaborate with technology teams, business stakeholders, auditors, and regulators to ensure ICT controls remain effective, risks are managed proactively, and compliance requirements are embedded across the organisation.
Key Responsibilities
- Lead and maintain the organisation's IT Governance, Risk & Compliance (GRC) framework.
- Manage ICT risk assessments, risk registers, and remediation activities to strengthen the organisation's security posture.
- Ensure compliance with applicable regulations and industry standards, including DORA, NIS2, GDPR, and ISO 27001.
- Develop, review, and maintain IT policies, standards, and governance documentation.
- Coordinate internal and external IT audits, ensuring timely resolution of findings and compliance actions.
- Monitor and report on ICT risks, compliance metrics, and governance performance to key stakeholders.
- Support third-party risk management, operational resilience, business continuity, and disaster recovery initiatives.
- Collaborate with cross-functional teams to promote best practices, continuous improvement, and a strong culture of governance and compliance.
Requirements
- At least 3 years' experience in IT Governance, Risk & Compliance (GRC), IT Risk, IT Audit, Cybersecurity, or a similar role.
- Good knowledge of governance and security frameworks such as COBIT, ITIL, ISO 27001, and NIST.
- Understanding of ICT regulations including DORA, NIS2, GDPR, and other relevant compliance standards.
- Experience managing ICT risk assessments, audits, compliance activities, and policy development.
- Excellent analytical, communication, and stakeholder management skills with the ability to work collaboratively across technical and business teams.
Benefits
- Hybrid work model and flexible hours
- Mentorship and professional development programmes
- 2-month remote work programme
- Health Insurance
Education and Experience
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Business Information Systems, or a related discipline.
- Professional certifications such as CISM, CRISC, CISA, CISSP, ISO 27001 Lead Implementer, ITIL, or COBIT are highly desirable.
- Additional training in AI governance or emerging ICT regulations is considered an advantage.