Security Governance

Full time Forex Fintech Information Security

Job Description

Security Governance

Our Ascend vision is to create life opportunities with innovative digital services. We are blessed to be operating in ASEAN, where we are able to help one of the world’s largest populations of underbanked, the people from some of the poorest provinces who are disregarded by traditional banks. So many lives are waiting for our help.

In 2017, we served over 30 million customers in 6 countries (Thailand, Cambodia, Myanmar, Vietnam, Indonesia, Philippines), and processed over 4.5 billion USD. This makes us by far the largest fintech company in SE Asia, and growing quickly.

As a member of our esteemed Info Security and Governance team, you will be helping to bring this vision to reality by leveraging the most modern cloud-native technologies. At Ascend, you will be part of a team who are directly responsible for improving the lives of millions.

Security Governance

We are seeking an experienced Security Governance Specialist to join our team. The successful candidate will be responsible for audit tracking, security project management, security risk management, and the establishment of policies, standards, and procedures. This role is critical in ensuring that our organization maintains a strong security posture and complies with relevant regulations and industry best practices. The Security Governance Specialist will also play a vital role in effectively communicating security issues to the technology team and collaborating with them to resolve these issues.

Key Responsibilities

Security Project Management:

● Oversee the planning, execution, and monitoring of security-related projects.

● Coordinate with cross-functional teams to ensure successful project delivery.

● Develop project plans, schedules, and budgets, and track progress against established objectives.

● Communicate project status, risks, and issues to relevant stakeholders.

● Security Risk Management:

Identify, assess, and prioritize security risks across the organization.

● Develop and implement risk mitigation strategies and controls.

● Monitor and report on the effectiveness of risk management activities.

● Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.

Establishment of Policies, Standards, and Procedures:

● Develop, review, and maintain security policies, standards, and procedures.

● Ensure alignment with regulatory requirements and industry best practices.

● Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.

● Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.

Communication and Collaboration with Technology Team:

● Effectively communicate security issues and concerns to the technology team.

● Collaborate with the technology team to develop and implement solutions to address identified security issues.

● Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.

● Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.

Essential Skills & Prerequisites

● A positive, can-do attitude, who naturally expresses a high degree of empathy to others.

● Bachelor's degree in Information Security, Computer Science, or a related field.

● A minimum of 5 years of experience in information security, with a focus on security governance.

● Professional certifications such as CISSP, CISM, or CRISC are preferred.

● Strong understanding of information security principles, frameworks, and best practices.

● Experience in audit management, risk assessment, and policy development.

● Excellent project management and organizational skills.

● Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.

● Demonstrated ability to work independently and deliver results under tight deadlines.

● Talent to identify and create a broad vision for a security solution and to execute it;

● Systems Thinking - the ability to see how parts interact with the whole (big picture thinking);

● Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals;

● Good command in written and spoken Thai and English language.