IT GRC Sr. Specialist (Governance, Risk & Compliance) (Bangkok based, relocation provided)

Bangkok (Central World Office)

Applications have closed

About Agoda 

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with more than 2.5 million accommodations globally. Based in Asia and part of Booking Holdings, our 4,000+ employees representing 90+ nationalities foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

Get to Know our Team:  

The IT Security team oversees Governance, Risk & Compliance, Security Incident, Security Operations & Application Security for Agoda globally. We are vigilant in ensuring that no breach or vulnerability threatens our company or endangers our employees, keeping Agoda safe and protected. This role is a challenge for those who want to work in an agile environment with the best technology available.

The Opportunity:  

The IT GRC Sr. Specialist will work in a team environment to assist/lead in IT Governance, Risk Management and Compliance. The Specialist should be willing to be cross-trained, take part in job rotation and take on responsibilities in other security domains/duties. The role requires the ability to work efficiently with minimal direction and/or oversight, as well as part of multiple project teams simultaneously. The Specialist will also need to work closely with the team's security specialists to maximize the opportunity.

 

In this Role, you’ll get to:  

  • Participate in various IT Risk Management & Business continuity initiatives  
  • Ensure that requirements in IT Audit, Standard, Policy, Compliance and Risk controls are met.
  • Provide GRC consultancy and best practices to multi cross functional business teams.
  • Actively identify and manage IT risk according to oversight and regulatory requirements including governance, metrics, oversight of SDLC, application risk assessment & third-party vendors
  • Prior hands-on technical working experience in at least 2 of the domains: SOX, Cloud Services, PCI, TPRM, BCP/DR/Crisis Management.
  • Collect and maintain accurate SOX documentation and evidence, and ensure remediation activities are completed on time.
  • Maintain a regular and up to date SOX compliance status report.   
  • Ensure external SOX auditors have the access and information they need to complete their audit successfully.  
  • Report security incidents and breaches in a timely manner   
  • Execute comprehensive analysis reviews for business continuity plans including IT Disaster recovery, create test plans and execution and provide recommendations, where applicable.  
  • Design audit programs and test plans to determine the adequacy and effectiveness of internal controls and compliance with Agoda policies and procedures and applicable regulations, especially in relation to SOX/PCI/NIST CSF/Privacy frameworks.
  • Conduct interviews and process walkthroughs with select personnel, and document and assess business processes and information systems to determine the adequacy of the control environment.
  • Demonstrate sound IT auditing based on industry best practices and regulations.

 

What you'll Need to Succeed:  

  • Experience with global compliance frameworks, such as SOX, PCI, NIST CSF, ISO27001 
  • 5+ years relevant experience in IT Risk & Compliance  
  • Must have experience in implementing the NIST Cyber Security Framework  
  • Knowledge in Risk Management (exposure to GRC tools is preferred)  
  • Familiar with applying compliance in a highly agile environment  
  • Education Degree - BS/BA, MIS or equivalent essential, MBA or other advanced degree desirable.  
  • Some technical experience to understand and communicate effectively with our development and operation teams.  
  • Experience is essential, but certifications, such as CISA, CISM, CRISC, CISSP or similar are also held in high regard.
  • Strong written English and verbal communication skills; ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the business.
  • Analytical thinker who is highly organized and pays close attention to detail.

 

Join us and live where other people go for vacation. Here are some of the benefits offered by Agoda.

  • Hybrid Working model
  • WFH setup allowance
  • 30-day remote working from anywhere globally, every year.
  • Employee discount for accommodation globally
  • Global team of 85+ nationalities
  • 40+ offices in 25+ countries
  • Annual CSR/Volunteer time off
  • Benevity subscription for employee donations
  • Volunteering opportunities globally
  • Free Headspace, Odilo & Udemy subscriptions
  • Access to employee assistance program (third party for personal and workplace support)
  • Enhanced Parental leave
  • Life, TPD & Accident Insurance

Our amazing People Team will take care of the visa process and flights + a shipment and the first 30 days of accommodation in Bangkok.

 


 

Equal Opportunity Employer 

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

To all recruitment agencies: Agoda does not accept third party resumes. Please do not send resumes to our jobs alias, Agoda employees or any other organization location. Agoda is not responsible for any fees related to unsolicited resumes.

Tags: Agile Application security Audits CISA CISM CISSP Cloud Compliance CRISC Governance ISO 27001 NIST Privacy Risk assessment Risk management SDLC

Perks/benefits: Career development Flex vacation Insurance Parental leave

Region: Asia/Pacific
Country: Thailand
Category: Compliance Jobs
