About You
The Lead, Risk & Compliance is a technical, hands-on role that will lead and support the continuous improvement of Information Security for Carsome Group.
Your Day-to-Day
● Perform end-to-end risk management activities, including internal risk assessments, third-party risk assessments, risk treatment plans and risk tracking, as well as enhancing the existing process and framework.
● Collaborate & build relationships with internal and external stakeholders for improved risk analysis.
● Perform end-to-end security compliance management, which includes, but is not limited to, acting as the security liaison for external and internal auditors, coordinating and executing security compliance programs (ISMS, internal policies / manuals / SOPs, regulatory requirements, etc.), and supporting and leading all organization audits (for example: SOX, PCI DSS, RMIT, PDPA).
● Support security awareness initiatives by collating and communicating content through various channels.
● Support and contribute to policy, manual and standard operating procedures development & enhancements.
Your Know-How
● Bachelor's Degree in Cyber Security / Computer Science / Information Technology or equivalent.
● Minimum of 5 years of working experience leading and conducting security audits and risk management activities, preferably with a cloud background.
● In-depth knowledge and experience in technical security controls in identifying strengths and weaknesses in enterprise and cloud environments.
● Experience in identifying, analyzing and translating security audit requirements that might affect organization security.
● In-depth experience in end-to-end quantitative risk management will be advantageous.
● Good understanding of security best practices, regulatory requirements and compliance.
● CISA, CRISC, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer certifications are an advantage.
● PowerPoint presentation, document and spreadsheet (e.g., Excel, Word) skills.
● Passionate, respectful, collaborative, and proactive.
● Excellent interpersonal skills.
● Strong oral and written communication skills in English.
● Able to speak and present information in a professional manner to all levels of people.
● Proven ability to work independently within fast-paced and dynamic work environments while being self-motivated and a great team player.
What We Do
CARSOME is Southeast Asia’s largest integrated automotive e-commerce platform. With operations across Malaysia, Indonesia, Thailand, Singapore, and the Philippines, CARSOME aims to digitize the region’s used car industry by reshaping and elevating the car buying and selling experience. The company provides end-to-end solutions to consumers and used car dealers, from car inspection to ownership transfer to financing, promising a service that is trusted, convenient, and efficient. CARSOME currently transacts around 100,000 cars annually and has more than 1,700 employees across all its offices.
CORE VALUES:
● Customer First
● Your Problem is My Problem
● Yesterday's Best is Today's Baseline
● Think Big, Start Small
● Do More With Less
● Stay Grounded
● Be an Owner
For more information, please visit www.carsome.com.
CARSOME Sdn Bhd (1101954-M)