Security Governance Specialist

Job Description

• Developing and maintaining IT governance-related policies and procedures.
• Monitoring and evaluating the organization’s security compliance status.
• Collaborating with business units, engineering teams, risk, compliance, and other stakeholders.
• Conducting security maturity self-assessments and risk assessments.
• Ensuring compliance with regulatory requirements across jurisdictions.
• Creating dashboards and reports for leadership.
• Staying informed on industry trends.
• Driving continuous improvement in governance processes.

• Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field.
• 7+ years of relevant experience in cybersecurity, tech risk management, compliance, and security governance.
• Strong knowledge of regulatory frameworks and standards such as ISO 27001, NIST CSF, PCI-DSS, SOC1/2, and CCSS.
• Familiarity with data protection laws and regulations (e.g., GDPR).
• Proven ability to manage large-scale security control implementation or compliance remediation projects.
• Excellent project management skills.
• Certifications such as CISSP, CISA, CISM, CRISC, or CCSS are highly desirable.
• Knowledge of cloud platforms like Alibaba Cloud, AWS, and GCP.
• Adaptability to work in rapidly evolving technological and regulatory environments.
• Fluent in both Chinese and English.
• Outstanding communication skills.

• Competitive total compensation package.
• L&D programs and Education subsidy.
• Various team building programs and company events.
• Wellness and meal allowances.
• Comprehensive healthcare schemes.