JOB PURPOSE
The Senior IT Compliance role is responsible for IT compliance activities to ensure alignment with regulatory requirements, internal policies, and industry standards. This role serves as a key subject-matter expert, supporting audits, regulatory engagement, and remediation efforts, while providing guidance to IT and business teams. The position bridges strategic direction from leadership and operational execution, ensuring effective and sustainable IT compliance across the organization.
RESPONSIBILITIES
- Enhance IT compliance policies, procedures, and processes in accordance with regulatory requirements (e.g. SEC, BOT, PDPA, AMLO) and company standards
- Monitor IT compliance status and identify gaps, risks, and non-compliance issues across IT operations, systems, and projects
- Manage issue tracking, remediation, and closure processes in collaboration with IT, Security, and control owners
- Act as a key liaison for internal and external auditors on IT compliance and information security matters
- Regulatory reviews, inspections, and digital asset license-related activities in coordination with Legal and relevant stakeholders
- Prepare, review, and maintain audit documentation, compliance evidence, reports, dashboards, and metrics
- Provide advisory support and consultation to IT users and project teams on IT regulations, controls, and compliance requirements
- Lead or support implementation and maintenance of compliance frameworks and standards (e.g. ISO 27001, 27701, 22301, NIST, COBIT)
- Deliver IT compliance and information security awareness sessions to enhance organizational understanding
- Mentor and guide IT Compliance Officers or junior team members
- Monitor regulatory changes and assess impact on IT compliance and risk management
- Support IT compliance and security-related projects, including planning, coordination, and execution
- Perform other assignments as required to support departmental and management objectives
WORK EXPERIENCE REQUIREMENTS
- Bachelor's degree in Information Technology, Computer Science, Computer Engineering, Information Security, or related field
- Minimum 57 years of experience in IT Compliance, Information Security, IT Audit, IT Governance, or related disciplines
- Strong knowledge of IT controls, cyber security, compliance frameworks, and risk management
- Experience supporting internal and external audits and regulatory inspections
- Knowledge of Thailand SEC regulations related to Digital Asset businesses is an advantage
- Professional certifications such as CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, COBIT, or ITIL are preferred
- Strong analytical, problem-solving, and project management skills
- Ability to work independently and collaboratively in a fast-paced, regulated environment
- Pragmatic, solution-oriented mindset with good commercial awareness
- Strong communication skills with the ability to translate regulatory and technical requirements into practical guidance
- Good command of written and spoken Thai and English
- Ability to work under pressure and manage multiple priorities effectively
