IT Compliance Analyst

Apply now »

Date: 10 Apr 2025

Location: Kingston, Jamaica

Company: GraceKennedy Ltd.

 

The GraceKennedy Financial Group seeks to identify an individual looking for an excellent opportunity to progress his/her career; and who possesses the vision and energy to help drive dynamic changes across the group, in the following capacity:-​

IT COMPLIANCE ANALYST

 

 

The IT Compliance Analyst is responsible for ensuring that the financial services group and its subsidiaries adhere to industry regulations, internal policies, and best practices related to IT compliance, audit, and cybersecurity risk management. Operating across multiple local and regional jurisdictions with distinct regulatory frameworks, this role demands expertise in cross-border regulatory compliance, data protection, IT governance, and risk management. The analyst will develop, implement, and oversee IT compliance programs that align with the organization’s business strategy and regulatory obligations.

 

Key Responsibilities

  • Ensure ongoing compliance with IT regulations, financial services laws, and data protection frameworks across multiple jurisdictions.
  • Develop, implement, and maintain IT governance policies aligned with international standards such as ISO 27001, NIST, COBIT, GDPR, JDPA, PCI-DSS, and ITIL.
  • Track and assess regulatory developments, ensuring timely updates to policies and compliance strategies.
  • Serve as a liaison with regulatory bodies, facilitating audits and ensuring all compliance reporting requirements are met.
  • Conduct IT risk assessments and proactively identify vulnerabilities and compliance gaps.
  • Monitor and evaluate the effectiveness of IT security and compliance controls.
  • Define and track key compliance metrics (KPIs) and guide remediation efforts across IT and business units.
  • Lead and support internal and external IT audits, ensuring timely execution and effective resolution of findings.
  • Perform self-audits and control testing to assess ongoing compliance and risk exposure.
  • Implement continuous improvements to audit processes and prevent recurring issues.
  • Assess third-party vendors for compliance with contractual and regulatory standards.
  • Collaborate with procurement and IT teams to enforce vendor compliance requirements, especially for cloud-based and outsourced services.
  • Support IT security incident response and ensure timely regulatory reporting of breaches.
  • Implement monitoring controls to detect, report, and remediate compliance violations.
  • Oversee compliance with data privacy regulations, including data classification, encryption, retention, and cross-border transfer controls.
  • Support privacy impact assessments and data protection initiatives in collaboration with legal and security teams.
  • Ensure IT alignment with business continuity and disaster recovery standards, including regular testing and risk assessments.
  • Monitor and report on system recovery objectives (RTO/RPO) for critical infrastructure.
  • Develop and deliver IT compliance and cybersecurity awareness training for staff.

 

Required Qualification, Experience, Knowledge and skills:

  • Bachelors degree in Computer Science/Audit/IT Governance or related area.
  • Minimum three (3) years of relevant experience in a similar role; IT audit and risk management experience are considered an asset.
  • Understanding of IT security principles, controls and related technologies.
  • Familiar with data privacy and other regulatory standards (i.e. NIST 800, ISO/IEC 27002, GDPR, PCI, ITIL, JDPA).
  • Capable of interacting with individuals of differing levels of experience and expertise.
  • CISA, CGEIT and CIPM certifications or equivalent are desirable.
  • Strong analytical, problem solving and decision-making skills.
  • Excellent presentation and communication skills, both written and verbal.
  • Excellent interpersonal, negotiation and mediation skills.
  • High level of initiative and flexibility.

Qualified applicants are invited to submit applications no later than 21/04/2025 via the careers section of our Corporate Website at www.gracekennedy.com

 

GraceKennedy Financial Group upholds the principles of fairness and equity in the treatment of all our employees and stakeholders. The Company is committed to equity in all its employment practices and policies and seeks to recruit, develop and retain its employees on the basis of merit, ability and performance. As such, we are committed to ensuring equal opportunity in employment, and will not discriminate on the grounds of race, national origin, religion, gender, or otherwise.