Senior IT GRC Specialist (Bangkok based, relocation provided)
Bangkok (Central World Office)
Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with more than 3.6 million accommodations globally. Based in Asia and part of Booking Holdings, our 6,000+ employees representing 90+ nationalities foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.
Get to Know our Team:
The IT Security team oversees Governance Risk & Compliance, Security Incident, security operations & Application Security for Agoda globally. We are vigilant in ensuring there is no breach or vulnerability threat to our company or endangering our employees in order to keep Agoda safe and protected. This role is challenge for those who want to work in an agile environment with the best technology available.
IT GRC Sr. Specialist will work in a team environment to assist/lead in IT Governance, Risk Management and Compliance. Specialist should be willing to be cross trained, job rotation and take on responsible in other security domain/duty. Ability to work efficiently with minimal direction and/or oversight as well as part of multiple project teams simultaneously. They will also require working closely with the security specialist of the team to maximize the opportunity.
In this Role, you’ll get to:
- Design and implement company-wide security and compliance programs, collaborating with our IT team.
- Answer partner risk management and security questionnaires, collaborating with our Commercial/Partnerships team.
- Lead security related internal and external audits, self-assessments for PCI compliance, SOX compliance, SOC 2, etc. Knowledge and experience on NIST is a plus.
- Build an internal library of resources on data protection, cyber security, system diagrams, process flows, etc.
- Oversee periodic internal reviews of user access and process compliance.
- Coordinate with other brands in the Booking Holdings Group on cross-Group security projects.
- Oversee critical remediation gaps to conclusion.
- Manage annual policy review, updates and approvals.
- Should possess expertise and experience in representing the company to B2B clients.
What you'll Need to Succeed:
- You have a minimum of 5-7 years of work experience in Information Security, Cyber Security, IT, IT Auditing, or Compliance and a bachelor’s degree in technology related field or business.
- You have knowledge of compliance requirements including PCI-DSS, SOX, etc.
- You have knowledge of privacy and data protection regulations including GDPR, CCPA, etc.
- You have experience with audit processes including completing security questionnaires/audit forms and gathering evidence; proficiency in Tugboat a plus.
- You have experience writing/reviewing security policies in a B2B or B2B2C setting.
- You possess strong knowledge of information system security best practices, including access control, auditing, logging, monitoring, security policies, and incident response.
- Holding a professional accreditation such as CISM or CISA is a plus.
- You are able to manage multiple projects, priorities and deadlines among various stakeholders.
- You are an effective communicator (verbal and written), and are able to convey technical and non-technical concepts to a variety of audiences.
- You have experience building and managing security related project plans.
- Advantage knowledge in transition from manual process to automate using Tugboad and Safebase
Join us and live where other people go for vacation. Here are some of the benefits offered by Agoda.
- Hybrid Working model
- WFH setup allowance
- 30-day remote working from anywhere globally, every year.
- Employee discount for accommodation globally
- Global team of 85+ nationalities
- 40+ offices in 25+ countries
- Annual CSR/Volunteer time off
- Benevity subscription for employee donations
- Volunteering opportunities globally
- Free headspace, Odilo & Udemy subscription
- Access to employee assistance program (third party for personal and workplace support)
- Enhanced Parental leave
- Life, TPD & Accident Insurance
Our amazing People Team will take care of the visa process and flights + a shipment and the first 30 days of accommodation in Bangkok.
#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #hongkong #budapest #jakarta #bali #dublin #telaviv #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #doha #alrayyan #riyadh #jeddah #mecca #medina #singapore #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #london #manchester #liverpool #edinburgh #hcmc #hanoi #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #bangalore #bandung #yokohama #nagoya #okinawa #fukuoka #jerusalem #IT #4 #LI-RS1
Equal Opportunity Employer
At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.
To all recruitment agencies: Agoda does not accept third party resumes. Please do not send resumes to our jobs alias, Agoda employees or any other organization location. Agoda is not responsible for any fees related to unsolicited resumes.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Chief Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Senior Security Architect jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs