Cybersecurity Engineer (Security Compliance)

Responsibilities

We are seeking a highly skilled and motivated Senior Information Security Compliance expert to join our dynamic team. In this pivotal role, you will be the cornerstone of our compliance and data security initiatives. You will be responsible for tracking, implementing, and validating controls against leading security and privacy protection frameworks, with a specific emphasis on protecting sensitive data throughout its lifecycle.

1. Serve as the primary compliance subject matter expert on critical projects (e.g., data security, cross-border data transfer compliance, personal data protection), ensuring security and data protection requirements are embedded by design.

2.Collaborate closely with engineering, product, legal, and DevOps teams to guide the implementation of compliant technical solutions throughout the entire data lifecycle.

3.Develop, maintain, and improve information security policies, standards, procedures, and guidelines.

4.Lead and perform internal risk assessments across multiple frameworks, including ISO/IEC 27001/27701, GDPR, SOC2, PCI DSS and other relevant standards.

5. Lead the end-to-end lifecycle of cybersecurity risk remediation activities, ensuring identified risks are effectively mitigated within agreed timelines.

6. Manage international security operations, incident response, and regional liaison to adapt global strategies to local needs.

7.Provide security architecture governance and oversight for new and existing technology solutions.

Requirements

1. A Bachelor's degree or higher in Computer Science, Information Systems, Cybersecurity, or a related field. Equivalent practical experience will be considered.

2. 4+ years of hands-on experience in information security, with at least 2 years focused specifically on data security, compliance, risk, and governance (GRC) is a strong plus.

3. Deep understanding of data security principles (e.g., encryption, tokenization, data masking, access controls) and international data privacy regulations (GDPR, PDPA, etc.).

4. Thrive in a fast-paced, dynamic environment and can effectively manage multiple priorities under pressure and tight deadlines.

5. Excellent project management and organizational skills, with a proven ability to collaborate effectively within multicultural and multi-functional teams.

6. Professional certifications such as CISSP, CISA, PMP, CIPM, ISO 27XXX Lead Auditor, or other equivalent credentials are highly desirable.

7. Exceptional ability to communicate in Mandarin and English, in order to support coordination and collaboration with Mandarin-speaking stakeholders, teams, and business partners across regional markets.