Assistant Manager, Cyber Risk & Compliance

About You

The Assistant Manager, Risk & Compliance is a technical & hands on role that will lead and support the continuous improvement of Information Security for Carsome Group.

• Perform end-to-end risk management activities which includes internal risk assessments, third party risk assessments, risk treatment plans, risk tracking as well as enhancing the existing process and framework.
• Collaborate & build relationships with internal and external stakeholders for improved risk analysis.
• Perform end-to-end security compliance management which includes but not limited to, being the security liaison for external and internal auditors, coordination & execution of security compliance programs (ISMS, Internal Policies / Manuals / SOPs, regulatory requirements, etc), support and lead all organization audits (example: SOX, PCIDSS, RMIT, PDPA) etc.
• Support security awareness initiatives by collating and communicating content through various channels.
• Support and contribute to policy, manual and standard operating procedures development & enhancements.

• Bachelor Degree in Cyber Security / Computer Science / Information Technology or equivalent.
• Minimum of 5 years working experience leading and conducting security audits and risk management activities preferably with a cloud background.
• In-depth knowledge and experience in technical security controls in identifying strengths and weaknesses in enterprise and cloud environments.
• Experience in identifying, analyzing and translating security audit requirements that might affect organization security.
• In-depth experience in end-to-end quantitative risk management will be advantageous.
• Good understanding of security best practices, regulatory requirements and compliance
• CISA, CRISC, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer certifications are an advantage.
• PowerPoint Presentation, Document and Spreadsheet (e.g: Excel, Word) Skills
• Passionate, Respectful, Collaborative, and Proactive
• Excellent interpersonal skills.
• Strong oral and written communication skills in English.
• Able to speak and present information in a professional manner to all levels of people.
• Proven ability to work independently within fast-paced and dynamic work environments while being self-motivated and a great team player.