Senior Manager, Security & Data Governance

Grab's mission is to move Southeast Asia forward. Through our super app and services we’re building a seamless user experience that will address more and more of consumers daily lifestyle needs. Combining Grab rides, payments and delivery services we want to provide a unified experience across these offerings.

Our data is a critical business asset – how we handle and manage that data must be compliant with laws/regulations and preserve its confidentiality, availability and integrity. This role forms part of Grab’s Tech Security Compliance & Privacy functions and will support the Head of InfoSec in leading and managing all organization-wide security, privacy and data governance policy, training and communications activities, including implementing and ensuring adherence to enterprise security, privacy and data governance frameworks and driving security and privacy compliance across the organization.

Key Responsibilities

• Develop and rollout an enterprise wide security, privacy and data governance policy framework through creation of new (and modifications to existing) organization policies and procedures, with a focus on the protection of sensitive data

• Define roles and responsibilities related to security, privacy and data governance policy and ensure clear accountability for the enterprises’ information assets

• Have a deep understanding of the Southeast Asia regional laws and regulations governing security, data protection, credit information and privacy e.g PDPA, GR82, etc.

• Drive the design, development and implementation of policies, procedures and processes for security compliance, data privacy and data protection compliance across the organization

• Maximize flow and work relentlessly with business and project teams to build security, privacy and data protection compliance requirements into their business processes and system design

• Think internationally – by staying abreast of regional and global trends and best practices in security compliance, data governance, privacy and data protection

• Be the focal point for security, privacy / data protection and data governance policy across the organization

• Together with the Security Assurance team build and manage GRC processes, including risk management and remediation tracking

• Expand the Security & Privacy Policy team across multiple countries

Desired Skills, Experience, & Qualifications

• 12+ years relevant experience in IT security, privacy, data protection and data governance

• Experience with on premise and AWS and Azure cloud security paradigms

• Experience in one of the Banking, Financial Services, Fintech or High Tech industry

• Strong experience in and familiarity with engaging directly with regulators/auditors

• Exceptional ability to consistently deliver creative, thoughtful and business-oriented results that appropriately balance growth and risk in a fast-paced and high-pressure environment

• Ability to adapt easily to rapid and diverse business changes

• Strong and effective communication skills (both oral and written)

• Capability to present security/privacy risks to the C level and the Board

• Bachelor’s degree in engineering discipline or IT or computer science required