GRC Lead (Bangkok based, relocation provided)

Full Time
Bangkok, Thailand
3 months ago

About Agoda 

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with more than 3.6 million accommodations globally. Based in Asia and part of Booking Holdings, our 6,000+ employees representing 90+ nationalities foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

Our Purpose - Bridging the World Through Travel 

We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone.

Get to Know our Team:   

The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products.  This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.  

 

The Opportunity:  

We are seeking a dedicated professional with experience in GRC (Governance, Risk Management, and Compliance). The ideal candidate will collaborate with internal stakeholders and external auditors to manage Information Security and compliance risks. While experience in various lead auditing roles will be considered, our primary preference is for expertise in leading PCI, SOC2, and Cloud Security audits. In this role, you will allocate 20-35% of your time to Business Continuity, with the remainder dedicated to GRC domains from your most effective work location.

The role will require and independent pro-active thinker, strong stakeholder management, and natural team player.

This position is open to both local and international candidates with relocation support available for eligible candidates to help ensure a smooth transition to working and living in Bangkok.

 In this Role, you will get to:   

  • Leads, owns, and drives projects, audits, and proactive initiatives with minimal oversight, ensuring successful delivery from concept to completion, while complying with both internal and external standards and regulations.
  • Extensive experience and expertise while consistently improve risk, compliance & resilience strategies, roadmaps and align with industry frameworks PCI DSS, SOC2, BCP etc. 
  • Leads and manages complex IT security projects, ensuring clear communication to achieve the intended vision, and spearheads major cross-platform and cross-functional initiatives.
  • This position requires a proven subject matter expert with demonstrated competency in the planning, development, program execution, maintenance and testing of GRC functions including Business Continuity.
  • Track and ensure adequate and timeley resolution to all audit and risk assessment findings or issues relating to information security, and never miss a deadline.
  • Proactively and effectively communicates any gaps or improvements, both internally and externally, through written and verbal communication.
  • Positively influences the team and peer teams by proactively spearheading advancements.

 What you'll Need to Succeed:  

  • Experience of working on Risk Analytics experience within IT Threat, Vulnerability, Business Continuity, and Risk Assessment,National and International Regulatory Compliances and Frameworks such as NIST Cyber Security Framework, ISO, PCI DSS, GDPR etc.In depth knowledge of IT Security Management risk practices.
  • Bachelor's degree in a related field such as Business, Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience
  • 5-7 years of experience working in a technology role, preferably in a security background. 
  • Strong understanding of international Information Security standards.
  • The ability to work on multiple projects simultaneously and balance conflicting demands
  • Comfortable analyzing operational and technical data, working under pressure and meeting deadlines
  • Independent self-starter, problem-solving mindset, team player and ability to multi-task
  • Strong communication, including presentation skills, able to convey complex concepts to a variety of audiences
  • Strong project management skills.
  • The flexibility to make quick decisions as disasters change and develop.

 It's great if you have:  

  • Experience leading global projects across different locations.
  • Individuals must have IT-related experience demonstrating each of the four competencies listed below:
    • Attention to Detail- Is thorough when performing work and conscientious about attending to detail.
    • Stakeholder management- Works with clients and leadership.
    • Oral Communication- Expresses information to individuals or groups effectively.
    • Problem Solving- Identifies problems; determines accuracy and relevance of information.
*Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are…
  • Hybrid Working Model
  • WFH Set Up Allowance
  • 30 Days of Remote Working from anywhere globally every year
  • Employee discount for accommodation globally
  • Global team of 90+ nationalities
  • 40+ offices and 25+ countries
  • Annual CSR / Volunteer Time off
  • Benevity Subscription for employee donations
  • Volunteering opportunities globally
  • Free Headspace subscription
  • Free Odilo & Udemy subscriptions
  • Access to Employee Assistance Program (third party for personal and workplace support)
  • Enhanced Parental Leave
  • Life, TPD & Accident Insurance

 

#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #dusseldorf #dortmund #essen #Bremen #leipzig #dresden #hanover #nuremberg #athens #hongkong #budapest #jakarta #bali #dublin #telaviv #jerusalem #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #yokohama #nagoya #okinawa #fukuoka #sapporo #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #bucharest #doha #alrayyan #moscow #saintpetersburg #riyadh #jeddah #mecca #medina #singapore #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #dubai #abudhabi #sharjah #london #manchester #liverpool #edinburgh #kiev #hcmc #hanoi #amsterdam #bucharest #lodz #wroclaw #poznan #katowice #rio #salvador #bandung #yokohama #nagoya #okinawa #fukuoka #newdelhi #Pune #Hyderabad #Bangalore #Mumbai #Bengaluru #Chennai #Kolkata #Lucknow #IT #4 #LI-RS1 #LI-Hybrid

 

 

Equal Opportunity Employer 

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

To all recruitment agencies: Agoda does not accept third party resumes. Please do not send resumes to our jobs alias, Agoda employees or any other organization location. Agoda is not responsible for any fees related to unsolicited resumes.