Within Garena, we are committed to bringing in the best digital entertainment platform to our users. Like us, you strive to understand our diverse range of users by challenging the status quo and developing innovative solutions to engage users.
As part of our IT compliance team, you will work collaboratively with all Garena technical teams to conduct IT compliance testing to assess risk, evaluate internal controls and safeguard assets.
You will future-proof our info infrastructure, anticipate and prevent threats while keeping our games safe and stable for players.
You will be the point of contact for security-related audits involving the IT security team, internal and external auditors as well as third parties within the compliance, audit and risk management cosmos.
Manage due diligence activities, such as testing controls, process walkthroughs, third-party technology risk assessments, and contract reviews
Work with the appropriate teams to analyze and report root causes, take corrective actions, and formulate the appropriate messages to convey to Garena staff, players, and other interested stakeholders
Lead Garena's understanding of responsibilities and tech requirements necessary to manage IT controls related to SOX, PCI compliance, KISA, and other standards and regulations
Coach Garena staff on audit and compliance standards and best practices, and how to manage risks associated with third-party partners, vendors, and tools
Coach Garena staff and carry out Business Continuity and Disaster Recovery efforts
Develop an in-depth understanding of industry compliance management trends and risks and to develop viable business solutions to mitigate risk
Team development : You are the ultimate, accountable party for ensuring a highly-functioning team; you will not only exemplify our cultural pillars but also be adept at imparting them on others
Over 5 years of experience in an IT Audit or Information Security Audit role, familiar with Internal Controls and regulatory frameworks like SOX, PCI, KISA, and the latest Global Data Privacy regulations
Experience with Business Continuity and Disaster Recovery as well as Vendor Certification and Management;
CISSP, CISA, CISM, CRISC, or other relevant IT or IA certification is a plus;
Prior experience in Big 4 is a plus
Personable and agile : Your sunny disposition disarms conflict and puts our staffs at ease; when situations start getting stressful or plans are not working as intended, you are the first responder who can quickly manage shifting priorities.
Highly analytical : Whether sniffing out a security risk or ensuring compliance during an audit, you bring your deadly 00 Agent skills and IT compliance knowledge to squelch security snafus with ruthless effectiveness.
Collaborative : You do not just play well with others, you are eager to get drenched during an interdisciplinary brainstorm;
you are experimental and open to feedback.
Self-driven : You do not need marching orders, and you are more unstoppable than an elite Demacian commando, knocking out tasks with whatever it takes to get the job done well