Compliance and Information Security Analyst

This is your chance to join a fast-growing SaaS startup backed by well-known investors! Don't dismiss the word "startup" just yet! This company is making significant strides in emerging markets, and what you see now is just the beginning. Seriously, this is an opportunity you wont want to miss we are seeking a skilled Compliance and Information Security Analyst.

You will be the first to establish the cyber and compliance framework, with support from experienced colleagues along the way. If you're in it for the long haul, you're going to love this role. Plus, the office has a unique vibe, plenty of open space, a great culture, and encourages remote work. There's also transportation allowance. Interested? Keep reading!

Responsibilities:

• Conduct internal and external compliance audits to ensure the company meets client and regulatory standards.
• Perform regular risk assessments to check how well current controls are working and find areas for improvement.
• Carefully complete compliance surveys from businesses, providing accurate and up-to-date information.
• Create a data governance framework that includes policies and procedures to maintain data integrity and quality
• Research data governance frameworks and policies in both existing and new markets where the company operates.
• Carry out IT security assessments, control evaluations, policy reviews, penetration testing, and IT audits.
• Keep certifications like ISO 27001 up to date by managing documentation and organizing regular audits.
• Develop systems to prevent violations of legal guidelines and internal policies.
• Continuously assess and improve the effectiveness of controls.
• Regularly review procedures and reports to uncover hidden risks or compliance issues.
• Work with other departments to ensure standards and regulations are followed.
• Evaluate potential compliance risks in the company's future business ventures.
• Prepare reports for senior management and external regulatory agencies as needed.

Qualifications:

• At least 2 years of experience in information security, compliance, or risk management.
• Good understanding of legal requirements and processes.
• Excellent English and Chinese spoken and written communication skills.
• Strong analytical skills with great attention to detail.
• Relevant professional certification in compliance (e.g., Certified
• Compliance & Ethics Professional (CCEP) or Certified Information Systems Security Professional (CISSP)).
• Experience with ISO 27001 and other recognized industry certifications.
• Solid grasp of data governance frameworks and best practices, including data classification, quality management, and privacy regulations (e.g., GDPR) in the markets where the company operates.
• Skilled in risk management and relevant security standards.
• Technical knowledge of software development and IT infrastructure, e.g. JAVA coding language.

If you have what it takes and have the relevant experience, please send your full WORD or PDF Resume to hello@cybersharkhk.com now or click apply, because we're here to see your vision together.