Transformation Lead, Information Security

Ninja Van is a late-stage logtech startup that is disrupting a massive industry with innovation and cutting edge technology. Launched 2014 in Singapore, we have grown rapidly to become one of Southeast Asia's largest and fastest-growing express logistics companies. Since our inception, we’ve delivered to 100 million different customers across the region with added predictability, flexibility and convenience. Join us in our mission to connect shippers and shoppers across Southeast Asia to a world of new possibilities. 
More about us: - We process 250 million API requests and 3TB of data every day.- We deliver more than 1.5 million parcels every day.- 100% network coverage with 1000+ hubs and stations in 6 SEA markets (Singapore, Malaysia, Indonesia, Thailand, Vietnam and Philippines), reaching 500 million consumers.- 600,000 active shippers in all e-commerce segments, from the largest marketplaces to the individual social commerce sellers.- Raised more than US$500 million over five rounds.
We are looking for world-class talent to join our crack team of engineers, product managers and designers. We want people who are passionate about creating software that makes a difference to the world. We like people who are brimming with ideas and who take initiative rather than wait to be told what to do. We prize team-first mentality, personal responsibility and tenacity to solve hard problems and meet deadlines. As part of a small and lean team, you will have a very direct impact on the success of the company. 

Role and responsibilities

• Regional:
• Program Manager of all company wide projects and programs in Information Security. 
• Manage risks, issues, dependencies and actions related to the program
• Ensure alignment between various InfoSec Functions, along with IT and Engineering
• Manage the dependencies and progress of IPO readiness activities
• Manage interactions with clients, manage client audits, engage with Client Senior Leadership and address their concerns.
• Setup and support in the running of the Tech SteerCo Regional and in SG
• Strong knowledge of understanding  business and security requirements and translating the requirements into effective and efficient policies and processes
• Setup Cadence for program governance and program management.
• Training and Incident Response
• Local:
• Run local security training programs
• Communicate and ensure implementation of group IS policies, procedures and processes locally. 
• Adapt security procedures as per local needs where required
• Qualify local Security Incidents and co-ordinate incident response with Group IS
• Lead and/or participate in post Incident Reviews
• Compliance:
• Support local business in Security Architecture decisions by working in liaison with Group Information Security
• Manage resolution of vulnerabilities or issues detected in local IT/Tech Infrastructure
• Reduce the information security risk by identifying the root cause and working with local/group stakeholders to take corrective actions
• Support Local Team with questions related to regulatory compliance and IT/InfoSec audits.

Requirements

• Bachelors in Information Security / STEM (science, technology, engineering and mathematics) degree
• At least 8-10 years of experience in IT/Information Security
• Experience in leading IT security, attestation and assurance audits globally
• Experience in Delivering large scale transformation projects
• Professional security related qualification (e.g. CISM, CISA, CRISC.) will be favorable although not mandatory

Submit a job application
By applying to the job, you acknowledge that you have read, understood and agreed to our Privacy Policy Notice (the “Notice”) and consent to the collection, use and/or disclosure of your personal data by Ninja Logistics Pte Ltd (the “Company”) for the purposes set out in the Notice. In the event that your job application or personal data was received from any third party pursuant to the purposes set out in the Notice, you warrant that such third party has been duly authorised by you to disclose your personal data to us for the purposes set out in the the Notice.