Get to know our Team:
Security Assurance team provide depth in assisting Grab team, partners, JVs and their stakeholders to understand and address their security, regulatory and compliance requirements.
This key position requires specialized experience supporting regulatory and compliance efforts and will have high visibility at the most senior levels at Grab including frequent interaction with senior leadership and staffs. The position, at Security Assurance team, will act as the primary Security Assurance interface for the internal and external information security requirements.
Get to know the Role:
- In this highly visible role, you will work with multiple stakeholders within Grab to establish traceability and accountability from risks to controls, then to the capabilities that enforce and/or measure compliance to those controls, and on down to the measures of that compliance
- Working with different functional teams, define and implement process and tools to govern security compliance and alignment to industry standards like PCI DSS and SEA regulatory requirements as well as Grab’s policies and standards.
- Working reciprocally with multi-functional stakeholders, ensure that visibility into compliance to policies is made available in automated and scalable fashion, including an automated, continuous process for measuring & reporting security compliance whose outputs can be shared with Business leads and management.
- You will monitor issues regarding compliance coverage and effectiveness, and use the results to inform management on maturity and resolution processes.
- Collaborate with security teams within Grab to find opportunities for enhancing our compliance framework and processes, and make improvement recommendations based on your thorough analysis of the different business processes.
- Ensure the Confidentiality, Integrity, and Availability of Grab & customer data
The ideal candidate is someone with excellent problem-solving, communication and interpersonal skills who is/can/has:
- Handle multiple assignments
- Self-starter with proven track record of successfully working with a wide array of functional groups across an organization and cultures as well as working independently.
- Knowledge of / experience in MAS TRM and financial regulations Compliance in South East Asia from IT Security Perspective
- Strong in analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions
The day-to-day activities:
- Develop and build critical dashboards, reports, and dimensional models, including both ad-hoc and pre-defined reports that can be consumed by key partners.
- Maintain a rigorous internal review & compliance schedule to support strategic business objectives.
- Review, define, & document standard operating procedures & protocols.
- Advise & consult on technology audit & compliance solutions
- Provide input on policies, practices, and procedures throughout the Cloud security infrastructure.
- Work of the Technology Risk Management, GRC tool
The must haves:
- Experience with auditing controls, I.T. auditing fundamentals, vendor cybersecurity controls analysis and documentation
- Candidate must have good organization skills and be a self-motivated learner
- Advanced communication skills
- CISA / CISM / CISSP certification
