Trusting Social

Responsibilities

IT Compliance Auditor will provide abilities on Information Security Risk Assessment, Compliance Auditing, Policy and Procedures Management. Responsibilities include monitoring, reviewing, and updating compliance requirements, policies, procedures and security best practices in the IT process with support from InfoSec, HR/Legal and relevant IT teams. Additionally, the position will be executing periodically on the security risk assessment and compliance auditing to drive risk-informed decisions. The position will also support management and response  to third party security risk assessment from our customers/partners as well as support security awareness activities. Specifically, you will:

• Compliance Auditing: Periodically evaluate the compliance status of current IT processes based on our predefined policies and Industry standards (ISO 27001, PCI-DSS, NIST, CSA, etc). Collect information and prepare the detailed report for Head of InfoSec and CTO on identified gaps, follow up with relevant teams for remediation plan tracking and status report. Collect, update and manage InfoSec compliance requirements from multiple countries government laws/regulations, customer/business partners policies, industry standards and service contracts.
• Risk Assessment: Support to develop IT risk management template and framework to align with our defined policies and industry standards. Support to manage and maintain the IT risk profile with current gaps, impact, remediation plan, owners and other relevant attributes to ensure that these identified risks are on track and addressed on a timely basis.
• Security Awareness Training: Periodically review and enhance the training content to align with new updates from our policies, industry standards. Follow up with HR and Line manager/Head of Department to report the training completion status and security awareness test result. Remind and train our employees in new policies, standards or procedures. Promote a culture of security within the company via innovative training and awareness methodologies.
• Third-party Risk Assessment: Establish and execute processes to appropriately assess and manage our third-party security risk. Support to respond to assessment questionnaires from our customers/business partners, follow up with relevant teams to prepare and provide proof of compliance/evidence.
• Administrational Tasks: Work as an assistant for InfoSec team in project management to prepare necessary documents, templates and monitor the progress of project implementation. Periodically review IT Changes/Notifications to ensure they are complied with defined processes and report to person-in-charge of abnormal or suspicious cases. Support to prepare InfoSec monthly and quarterly reports or on-demand reports.

Requirements

• Bachelor's Degree in Computer Science or related IT field.
• At least 1 year of experience in IT compliance audit and risk assessment.
• Experience or familiarity with security frameworks such as ISO 27001, PCI-DSS, NIST, and CSA.
• Demonstrated capability to communicate within InfoSec team and relevant teams for auditing.
• Basic knowledge for security concepts and best practices on Native clouds, API, Infra as a Code and Container technology.

What we offer

Join our team and enjoy:

• Competitive compensation package, including 13th-month salary and performance bonuses
• Comprehensive health care coverage for you and your dependents
• Generous leave policies, including annual leave, sick leave, and flexible work hours
• Convenient central district 1 office location, next to a future metro station
• Onsite lunch with multiple options, including vegetarian
• Grab for work allowance and fully equipped workstations
• Fun and engaging team building activities, sponsored sports clubs, and happy hour every Thursday
• Unlimited free coffee, tea, snacks, and fruit to keep you energized
• An opportunity to make a social impact by helping to democratize credit access in emerging markets

About us

We are an AI Fintech company specialized in assessing credit profiles of consumers in emerging markets combining pioneering AI with large alternative data sources. In 2020 we reached our ambitious milestone of credit profiling 1bn consumers spanning 4 countries - Vietnam, Indonesia, India & the Philippines - and building a platform for the wider industry and the financial services industry in particular to provide the 'un & under' served access to credit. At the core of this initiative has been our strict and unwavering adherence to the norms of consumer data privacy and consumer data rights.

But we're not satisfied as we embark on the next leg of our journey to deliver 100 million credit lines to consumers in the markets where we operate. Although this goal is ambitious, we truly believe that by harnessing the power of AI & Big Data we can deliver financial access at unprecedented scale.

As a firm, we're audacious problem solvers motivated by our impact on society. We deeply espouse the values of ownership - of our actions and initiatives, integrity in all we do and agility in execution.

We place great importance on doing what is right, what is best and what is innovative. And we are seeking people to champion these values and beliefs as we grow. Trusting Social is looking for DevSecOps. If you are smart, driven and want to make a difference in the world with the most advanced and fascinating technology, come join our team. We can satisfy your desire to explore new territory and give you the runway to really make an impact. 

Learn more about us here:

https://www.youtube.com/watch?v=inAEDGvOcL8&t=29s