Senior IT Risk & Compliance Specialist

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work, offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric #LifeAtRazer experience that will put you in an accelerated growth, both personally and professionally.

Job Responsibilities :

The IT Risk & Compliance role is responsible for assessing, analyzing, and mitigating potential risks within an organization’s IT infrastructure and systems, ensuring adherence to relevant regulations, standards, and policies.

Requirements:

• Bachelor’s degree in computer science, information technology, or equivalent.
• Minimum of 4 years of experience in IT compliance, regulatory affairs, or a similar role.
• In-depth understanding of IT regulations, standards, and frameworks globally (e.g., MAS TRM, RMiT, ISO 27001, GDPR, BOT).
• At least 4 years of hands-on experience in technical security risk assessment, with industry certifications such as CRISC, CISA, and CISM being advantageous.
• Knowledge of information security risks, Strong written and oral communication skills. The ability to communicate effectively (clear, concise and professionally).
• Exceptional communication skills to convey complex compliance requirements to various stakeholders.
• Ability to collaborate effectively with cross-functional teams.
• Passionate about maintaining software compliance policies, regulatory landscapes, and IT risk assessments.
• Skilled in creating and maintaining compliance documentation and reports.
• Detail-oriented with a focus on accuracy and completeness.
• Knowledge of cloud infrastructure (AWS, Azure, etc.) would be an advantage.
• Knowledge of any structured query language programming (MSSQL, MYSQL) would be an advantage.
• Fluent in Thai would be an advantage.
• Working knowledge or interest in technology infrastructure principles and practices.
• Good working attitude and a strong team player.
• Excellent communication and presentation skills.
• Positive attitude and an eagerness to learn with minimal supervision.

Key Responsibilities:

Risk Management:

• Develop and manage IT risk and security for multiple IT functional areas (e.g., applications, systems, network, and Web) across the enterprise.
• Identify vulnerabilities, implement security measures, and develop strategies to safeguard against threats such as cyber-attacks, data breaches, and system failures.
• Conduct and facilitate IT and cyber risk assessments covering IT general controls, application controls, IT security reviews, and monitor activities with risk owners/representatives. Evaluate internal IT controls and identify opportunities for improvement.
• Oversee technical risk assessments related to data, including data leaks, data loss, risks to customers, vulnerability scanning, and penetration testing.
• Maintain processes to ensure only approved software versions are deployed to the production environment.
• Work with engineering teams to ensure software solutions conform to regulatory requirements.
• Evaluate software development, testing, and release procedures to meet regulatory specifications where applicable.
• Stay informed of industry best practices, changes, and trends, and assess the potential impact of these changes.
• Assist in the implementation of Business Continuity Planning annual exercises.

Compliance Management:

• Ensure compliance with regulations, standards, and policies globally i.e. (e.g., MAS TRM, RMiT, ISO 27001, GDPR, BOT).
• Collaborate with various teams and auditors to ensure compliance with industry standards and regulations, conduct risk assessments, and propose solutions to minimize risks while maintaining operational efficiency.
• Respond to inquiries regarding compliance regulations, rules, policies, procedures, and current technical compliance status.
• Serve as a central point for IT governance and compliance, manage IT risk, oversee quality and performance metrics, and provide business support.
• Manage, develop, and periodically maintain documentation required to support all IT risk, governance, and technical regulatory requirements.
• Assist in developing and implementing compliance programs, policies, and procedures to mitigate risks and maintain data integrity and security.
• Reviewing audit reports and other documents produced by internal auditors or external auditors to determine if corrective actions are necessary
• Work closely with IT to perform IT due diligence on third-party service providers and reports.
• Coordinate technical audit exercises with internal and external auditors.

Pre-Requisites :

Are you game?