About You The Senior Executive, Risk & Compliance is a technical & hands on role that will lead and support the continuous improvement of Information Security for Carsome Group. Your Day-to-Day ● Perform end-to-end risk management activities which includes internal risk assessments, third party risk assessments, risk treatment plans, risk tracking as well as enhancing the existing process and framework. ● Collaborate & build relationships with internal and external stakeholders for improved risk analysis. ● Perform end-to-end security compliance management which includes but not limited to, being the security liaison for external and internal auditors, coordination & execution of security compliance programs (ISMS, Internal Policies / Manuals / SOPs, regulatory requirements, etc), support and lead all organization audits (example: SOX, PCIDSS, RMIT, PDPA) etc. ● Support security awareness initiatives by collating and communicating content through various channels. ● Support and contribute to policy, manual and standard operating procedures development & enhancements. Your Know-How ● Bachelor Degree in Cyber Security / Computer Science / Information Technology or equivalent. ● Minimum of 5 years working experience leading and conducting security audits and risk management activities preferably with a cloud background. ● In-depth knowledge and experience in technical security controls in identifying strengths and weaknesses in enterprise and cloud environments. ● Experience in identifying, analyzing and translating security audit requirements that might affect organization security. ● In-depth experience in end-to-end quantitative risk management will be advantageous. ● Good understanding of security best practices, regulatory requirements and compliance ● CISA, CRISC, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer certifications are an advantage. ● PowerPoint Presentation, Document and Spreadsheet (e.g: Excel, Word) Skills ● Passionate, Respectful, Collaborative, and Proactive ● Excellent interpersonal skills. ● Strong oral and written communication skills in English. ● Able to speak and present information in a professional manner to all levels of people. ● Proven ability to work independently within fast-paced and dynamic work environments while being self-motivated and a great team player.