Governance, Risk and Compliance (GRC) Specialist
AspireMulti currency business account, for start-ups & SMEs, to manage your company spends & expenses, accounts receivables & payables, invoices, bills, corporate cards & cross-border payments.
Aspire is the leading all-in-one finance operating system for growing businesses in APAC. We are on a mission to reinvent business finance for a new generation of entrepreneurs and business owners, empowering startups and MSME to realise their full potential.
Founded in 2018, Aspire has raised over USD 300M+ across equity and debt from world-class investors. In 2023, we successfully closed an oversubscribed USD 100 million Series C equity round led by Sequoia Capital and Lightspeed Ventures with participation of Tencent, Paypal Ventures, LGT Capital Partners, Picus Capital and MassMutual Ventures. To power our solutions, we have partnered with some of the best companies in the world such as Visa and Wise and helped more than 15,000 businesses using our suite of products.
In 2022, we were awarded Best Employer of the Year and Payments Tech of the Year by Asia Fintech Awards, ranked #1 on LinkedIn's 2022 Top Startups list and were listed on YC Top Companies 2022. In 2023, we ranked Top 10 on The Straits Times Fastest-Growing Companies.
You will be amazed by the energy and experience of our team. We are a team of ex-entrepreneurs, ex-founders, and high-achievers with international backgrounds. We team up to reach the highest standards in what we do, and don't take NO for an answer.
We are expanding rapidly. Are you a top talent? Are you passionate about entrepreneurship? Join us and make an impact in the fintech space.
About the role:
As the Governance, Risk, and Compliance (GRC) Specialist, you will be responsible for driving and creating state-of-the-art security environments within Aspire. You will be reporting to Aspire’s Head of Information Security and will have the exciting opportunity to be part of a fast-growing team of infosec specialists within the company.
What will you be doing?
- Maintain, and periodically review IT security policies, procedures, guidelines, and frameworks in accordance with industry standards.
- Help to align IT/security solutions and infrastructure with MAS TRM, MAS Cyber Hygiene, PDPA, PCI-DSS, SOC2, and ISO 27001.
- Risk Management:
- Conduct risk assessments and drive other IT/security related activities and projects to identify vulnerabilities.
- Monitor the organization's risk posture and ensure mitigation strategies are in place.
- Ensure practices and standards compliance, particularly concerning MAS TRM, MAS Cyber Hygiene, PDPA, PCI-DSS, SOC2, and ISO 27001.
- Conduct and drive audits, penetration tests, and other compliance efforts, addressing findings effectively.
- Liaise with both internal and external auditors, ensuring observations are promptly addressed.
- Collaborate cross-departmentally to communicate and ensure understanding and adherence to regulatory requirements.
- Provide regular updates to stakeholders about the company's GRC status and initiatives.
- Produce actionable reports based on audits, risk assessments, and compliance efforts.
- Continuous Improvement:
- Drive information security awareness campaigns tailored to regulatory requirements and standards.
- Stay updated with the latest changes and best practices in MAS TRM, MAS Cyber Hygiene, PDPA, PCI-DSS, SOC2, and ISO 27001.
- Regulatory and Standard Compliance:
- Navigate and ensure alignment with specific regulations and standards, such as MAS TRM, MAS Cyber Hygiene, PDPA, PCI-DSS, SOC2, and ISO 27001.
We would love to get to know you if you have the following:
- A degree in Technology, Engineering, MBA or a related qualification.
- Passion for cybersecurity, GRC, and regulatory compliance.
- Minimum of 2 years of experience in the GRC sector, ideally in MAS-regulated environments.
- Familiarity with MAS TRM, MAS Cyber Hygiene, PDPA, PCI-DSS, SOC2, and ISO 27001.
- Ability to navigate a fast-paced, diverse environment.
- Strong communication skills in English, proficient in conveying complex technical and regulatory details.
- Collaborative team player, eager to work across departments for comprehensive compliance.
What we offer
- Work from anywhere and Work from Home subsidy.
- Uncapped flexible annual leave.
- Training subsidy for your professional growth.
- Wellness benefit.
- Team bonding budget to foster collaboration and sense of belonging.
- Culture is Key: Most importantly, we always strive to cultivate a special culture that brings special talents together - You may learn more about our culture at our careers site and LinkedIn Life page.
Equal Opportunity Statement
Aspire is an equal opportunity employer and is committed to providing equal employment opportunities to all qualified individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other protected characteristic as outlined by applicable laws.
Please note: by submitting your application, you acknowledge that you have read and understood Aspire’s Data Protection Policy for Employees, Freelancers, Contractors and Job Applicants (the “Policy”), and consent to the collection, use and disclosure of your personal data by Aspire for the purposes set out in the Policy. You may withdraw consent for such collection, use and disclosure, and make an access or correction request in respect of your personal data, in accordance with the Policy by emailing firstname.lastname@example.org.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs