Information Technology Compliance Manager

Responsibilities:

• Lead the development, implementation, and continuous improvement of the enterprise policies, standards and framework for governance, risk & compliance.
• Drive and oversee IT & Information Security compliance programs under Technology and Information Security Oversight function, ensuring alignment with regulatory requirements and industry best practices.
• Manage relationships with key stakeholders and external auditors, ensuring timely and accurate documentation, scoping, testing and remediation of technology and security controls.
• Work with different stakeholders and external auditors to obtain and fulfill evidence requests as per the timelines committed.
• Validate the key controls with the stakeholders on a periodic basis to provide an early warning to management for timely correction and remediation action.
• Assess audit findings / gaps including control weaknesses in coordination with different stakeholders and assist with development of management action plans.
• Provide control consulting services to control owners and assist in redesigning the efforts that improve/automate the control environment.
• Partner with internal colleagues to understand expectations for managing cross-functional risks and dependencies; deploy processes to comply with policy expectations which may require implementation of required controls and on-going monitoring & reporting.
• Oversee the management and reporting of tech risk management, compliance documentation and the governance of overall governance of IT and security.
• Work with different teams to organize and manage security related inspections.
• Work with different teams to lead a virtual data cross border working group and respond data cross-border request from business areas.

The ideal candidate will:

• 5+ years of experience in IT/Technology/Information Security Internal Audit or consultancy.
• Bachelor’s degree in computer science, Engineering, or Information Management Systems.
• Deep expertise of international standards and Chinese regulations (e.g., CSL, DSL, MLPS, CBDT, UPI-DSS etc.), with the ability to evaluate, design and recommend best approach to mitigating risk effectively.
• Proven ability to engage and influence stakeholders at all levels of the organization to organize, drive and communicate results.
• Experience operating in a fast-paced environment, managing multiple complex projects simultaneously, with a strong sense of urgency and ownership to drive issues to completion.
• Possess good oral and written English & Mandarin and the ability to work with other departments and varying levels of management.
• Self-motivated and results-driven, with the ability to work independently, consistently delivering high-quality outcomes