Location: Singapore or Hong Kong
We're looking for a Risk & Compliance Manager
We’re looking for an organized and driven individual to join our fast-growing IT team, which is responsible for ensuring the smooth operation of our company’s IT landscape. You will be responsible for understanding the compliance and risk management of the entire business and putting in place a framework to ensure that we:
- Adhere to our own security and privacy policies
- Achieve a high level of confidence that we’re keeping our data secure and our intellectual property safe
- Maintain our brand identity and keep trust in our brand at a high level
This will involve exceptional stakeholder management and interpersonal skills, given the geographic and cultural diversity of our global teams.
This role will be instrumental to the success of the IT department and the business as a whole, and is an excellent opportunity to join a fast-paced and growing industry with other focused, talented professionals. You will report directly to the head of IT based in Singapore, with a line to our company co-founders.
What you can look forward to in this job:
Our environment is far from a traditional IT landscape: we manage it as code, using Infrastructure as Code delivered via a CI/CD pipeline. This enables us to be exceptionally versatile and agile. If we can automate it, then we do so, enabling our high-performing IT team to focus on what matters: driving business value with the tools we provide to our users. This poses new challenges for compliance and risk management, and that's where you come in.
- A large global customer base, which brings many challenges and opportunities. We have millions of users who rely on our service 24/7/365 for a broad range of use-cases. Excellence in operations is, therefore, core to our business.
- A profitable, successful business in a fast-growing industry. We are a leader in a fragmented market and are growing quickly, both because we're gaining market share and because the industry is expanding. We have sufficient financial resources to tackle large challenges for the long term.
- A highly skilled team that uses efficient processes.
- Meritocratic culture with fast decision-making.
You will guide the entire company in understanding and documenting risk and compliance, and creating remediation plans by working with key stakeholders. As an organization, we aren’t subject to any compliance frameworks from a legal perspective. We are creating this role to determine the best and most appropriate parts of various frameworks to support our company goals.
You will be responsible for the detailed planning of this brand-new compliance framework and for seeing it through to implementation and operation. You will engage with key members of each team to review, make recommendations, and track the audit items through to completion.
You will be responsible for:
- Defining the frameworks and processes that we use to manage, measure, and report on compliance
- Engaging with key stakeholders to understand their processes and areas of risk
- Evaluating compliance systems and ensuring adequate software is in place
- Creating, executing, and advising on the results of compliance audits
- Ensuring the stakeholders are aware of audit results and working with them to remediate areas of non-compliance
- Conducting compliance risk assessment training workshops
- Conducting internal reviews and audits
- Reporting on compliance and risk
- Advising internal management and business partners on the implementation of compliance programs
- Developing risk management strategies
- Following up on compliance issues that require investigation
The Compliance and Risk Management Chapter’s success metrics will include:
- Total open compliance issues
- General issues opened/remediated per quarter
- % internal audits completed on time
- % of risk items mitigated or accepted (not outstanding)
- Feedback scores on training sessions
- Compliance with the selected frameworks
To succeed in this role, we’d love for you to have experience in some or all of the following:
- Direct auditing experience in at least two of the following: PCI, SOX, NIST, GDPR, PCI models (required)
- Strong English verbal and written communication skills, as you’ll need to write clear audit frameworks and reports for hundreds of people to understand and follow (required)
- Training facilitator – You have run training for small internal groups to support the frameworks you implement (preferred)
- Excellence in obtaining buy-in: As a young, fast-growing business, compliance is the next step for us; you need to be able to bring stakeholders along on that journey
- Experience creating and owning a risk and compliance strategy (preferred)
- A strong desire to safeguard the privacy of our internal users and external customers
- An analytical and critical mind: able to follow complex processes and identify risks
- The ability to understand and prioritize work
- Attractive compensation
- Based in either Hong Kong or Singapore at a spacious office in a centrally located building
- Challenging work in a fun and collaborative environment
- Attractive compensation and time-off benefits
- Fully stocked pantry with fresh fruit and snacks
- Full-time employment with flexible working hours
- Multicultural teams represented by 30+ nationalities