JD : Engineer II, Cybersecurity, Governance, Assurance & Data Privacy

Location : Bangalore, India

About Circles

Circles.Life revolutionizes the digital services industry by giving power back to our customers. Born in Singapore as Asia’s first and most successful digital mobile services, our services have been rapidly gaining market share since our 2016 launch, while delivering best-in-class customer experience. We are owning the market in innovation, customer happiness and growth.
Looking ahead, Circles.Life plans to further leverage its telco technology, including a new digital data platform to create more lifestyle products. Discover, an AI-driven events feature, is the first of many more.
We are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment.
Do you want to get firsthand insights on how a hyper-growth company operates and be part of building disruptive technology? Are you passionate about being part of a fun, ambitious team that thrives in an entrepreneurial tech environment?
If the answer is YES, read on to find out more!

Mission

Our mission in Circles is to become a world-class cybersecurity function by cultivating security as job zero across the organisation. This means security is enforced as an integral component across every facet of our business globally, whereby:

• Security is second nature;
• Security is in the DNA of everything we do; and
• Cultivating and maintaining a Security conscious culture

The Role

As a team member of Cyber Governance & Assurance vertical within Information & Cybersecurity Function, primarily responsible to ensure that Circles.Life and its global offices are always maintaining robust, sustainable and adequate governance practices and compliance.

• Develop, mature and operationalise cybersecurity framework, policies, procedures, guidelines and baseline standards within the Group.
• Champion and ensure cybersecurity best practices are embedded within new initiatives, ongoing change management and evaluate the security impact of the initiatives.
• Identify, risk assess and prioritize various information, data assets across the Enterprise.
• Ensure organisational crown jewels are adequately protected in accordance with regulatory and data protection regulations such as ISO27701, PCI-DSS, Market specific Data Protection regulations including PDPA, GDPR.
• To ensure organisational crown jewels are adequately protected in accordance with regulatory and data protection regulations such as ISO27701, PCI-DSS, Market specific Data Protection regulations including PDPA, GDPR.
• Drive internal Risk Assessment including 3^rd Party Due Diligence (3PDD) reviews, cybersecurity assurance activities, as well as audit readiness reviews and drive timely resolution of potential gaps.
• Provide advisory services on information and cybersecurity matters for internal stakeholders as laid out in subsequent sections.
• Drive cybersecurity awareness within the Group, formulating learning curriculum, rolling out training modules ensuring completion remains above agreed metrics.
• Proactively support in organisational roadmap towards maintaining relevant credentials including ISO27001 compliance and establishing SOC2 compliance report.

Key Stakeholders

• Verticals within Information & Cybersecurity
• Engineering
• Marketing
• Customer Happiness
• Operations
• Government Affairs and Public Policy
• Finance and Legal
• People & Culture

You Offer

• Hold a Degree in Information Technology, Cyber Security or comparable qualification.
• To have 2+ years of professional experience in Audit, Assurance, Governance, Management Consulting or ability to port skills across these functional responsibilities.
• To assist in cybersecurity governance and assurance initiatives in relation to SaaS based Telco platform delivering B2B and B2C products.
• Excellent written and oral communication skills, confident in having meaningful conversation with stakeholders at multiple levels within the Group.
• Prior experience, knowledge in the following is a certain plus:
• Telco industry.
• Cloud Infrastructure and Security, DevSecOps, Microservices architecture, Container security.
• Industry Standards such as ISO 27001, NIST, COBIT, PCI-DSS, MTCS.
• Cherish continuous learning and demonstrate it with one or more professional certifications such as CRISC, CISA, CGEIT, CDPSE, CDPSE, CSX-P, CISSP or equivalent.

 

To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies if selected in our preferred supplier partnership program. Please do not forward resumes to our jobs alias, Circles.Life employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS.

Circles.Life is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.