
Security Risk and Compliance Specialist
1 week ago
Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive.
At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.
**About the role**
The Security Risk and Compliance Specialist will bring their experience to a team working with all parts of the business to improve Xero’s security risk and compliance posture, to reduce the risk of security incidents and improve the efficiency and effectiveness of Xero’s security controls.
**What you'll do**:
- Support contributors across Xero in conducting risk assessments to identify potential security threats and vulnerabilities, and evaluate security risks across all areas of Xero’s business, including product and technology, and third party software and services, to ensure these are well understood and managed within Xero’s risk tolerance.
- Ensure security compliance obligations with applicable laws, regulations and standards such as ISO 27001, SOC 2, PCI-DSS or other international or regional frameworks, are understood and met across Xero.
- Support product teams in performing threat modeling of new/updated product features.
- Perform risk assessments for Ecosystem partners and third party suppliers, ensuring that security risks are assessed and understood prior to, and during the engagement with the third party.
- Using the security risk management framework, ensure risks are documented, quantified, owned, communicated and escalated as appropriate across Xero.
- Provide input to responses to customer and supplier security assessments.
- Monitor and assess emerging security threats that could affect Xero, and propose strategies to mitigate them.
- Support process improvement and automation using technical skills and experience.
- Foster cross-disciplinary understanding of security risk and compliance and raise awareness of risk
**What success looks like**:
- Changes to Xero’s product and corporate infrastructure are in compliance with the IT Security Policy and standards and meet Xero’s compliance obligations.
- Risks are identified and managed according to Xero’s risk appetite, in a timely manner and in alignment with business objectives.
- Security assessments are completed and documented for all new third party software and technology services.
- Audits and other compliance assessment activities are completed successfully, and compliance is maintained with required standards.
- Management has timely and appropriate visibility of Xero’s security risk status.
**What you'll bring**:
- 3+ years in a role in an information security and risk management practice
- Experience with ISO27001:2022, SOC 2 Type 2 or PCI-DSS compliance frameworks
- Recognised as a high performer and leading contributor in your team.
- Experience working with AI and data to drive automation.
**Why Xero?**
Offering very generous paid leave to use however you’d like (plus statutory holidays), dedicated paid leave to care for your physical and mental wellbeing as well as an Employee Assistance Program to access mental health care for you and your family, life insurance, employee resource groups, 26 weeks of paid parental leave for primary caregivers, an Employee Share Plan, beautiful offices with weekly fitness and yoga classes, flexible working, career development, and many other benefits that reflect our human value, you’ll do the best work of your life at Xero.
Our collaborative and inclusive culture is one we’re immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate successfully. So, from the moment you step through our doors, you’ll feel welcome and supported to do the best work of your life. At Xero we embrace diversity and inclusion and value a #challenge mindset.
-
Risk Compliance Specialist
1 day ago
Singapore SEDHA CONSULTING PTE. LTD. Full time**Governance, Risk and Compliance Specialist **Responsibilities**: - Develop the culture of cyber security governance and risk management across the organisation, and ensure proper accountability in the management, tracking and reporting of cyber risks. - Review and establish ICT policies and processes controls, and conduct compliance checks. - Support the...
-
IT Risk and Compliance Specialist
1 day ago
Singapore Unison Consulting Pte Ltd Full timeAs a Governance Risk and Compliance Specialist to join our team, this role is crucial in developing and maintaining a robust culture of technology and cybersecurity risk governance across our organization. - Develop the culture of Tech risk governance and management across the organisation, and ensure proper accountability in the management, tracking and...
-
Security Compliance Specialist
2 weeks ago
Singapore NEUROGLEE THERAPEUTICS PTE. LTD. Full timeNeuroglee is growing rapidly and requires a Security Compliance Specialist. The Security Compliance Specialist will be responsible for developing and producing security and compliance procedures/processes/reporting that are meaningful and actionable for Neuroglee’s technology and operation team, and He/she will also take care of submitting audit and...
-
IT Governance, Risk and Compliance Specialist
3 hours ago
Singapore Climate Impact X Full time**Trusted carbon credits. Real impact.**: Climate Impact X (CIX) is a Singapore-based global carbon exchange and marketplace that aims to scale the voluntary carbon market; through a joint venture by DBS, SGX, Standard Chartered and Temasek. CIX offers distinct platforms and products that cater to the needs of different carbon credit buyers and sellers. The...
-
Security Risk Manager
2 days ago
Singapore beBeeRisk Full timeSecurity Governance and Risk Management Specialist Role Overview">Job Description">As part of our security team, you will be responsible for collaborating with various stakeholders to identify and mitigate risks. Your focus will be on ensuring compliance with regulatory requirements and maintaining the highest standards of security governance.">The...
-
Operation Executive
1 week ago
Singapore SECURITY & RISK SOLUTIONS PTE. LTD. Full time**Operations Executive (Security Industry)**: - Join a growing team where your leadership and expertise make a real difference on the ground.We're looking for a hands-on, reliable Operations Executive to oversee and support our daily security operations across assigned contract sites. This role is ideal for someone who takes ownership, stays calm under...
-
Governance, Risk, and Compliance
1 week ago
Singapore Kulicke & Soffa Full timeGovernance, Risk, and Compliance (GRC) Lead Governance, Risk, and Compliance (GRC) Lead Get AI-powered advice on this job and more exclusive features. The GRC Lead will be responsible for responsible for initiating, running, and managing information security governance, risk management, audits, and compliance with SOX and other relevant regulations....
-
Governance, Risk, and Compliance
1 week ago
Singapore Kulicke & Soffa Full timeGovernance, Risk, and Compliance (GRC) LeadGovernance, Risk, and Compliance (GRC) LeadGet AI-powered advice on this job and more exclusive features.The GRC Lead will be responsible for responsible for initiating, running, and managing information security governance, risk management, audits, and compliance with SOX and other relevant regulations. Successful...
-
Governance, Risk, and Compliance
2 days ago
Singapore Kulicke & Soffa Full timeGovernance, Risk, and Compliance (GRC) Lead Governance, Risk, and Compliance (GRC) Lead Get AI-powered advice on this job and more exclusive features. The GRC Lead will be responsible for responsible for initiating, running, and managing information security governance, risk management, audits, and compliance with SOX and other relevant regulations....
-
Apac Security Control Center Supervisor
7 days ago
Singapore SECURITY & RISK SOLUTIONS PTE. LTD. Full timeWe’re hiring a **Security Control Center Supervisor**to support operations at a key APAC contract. You’ll work in a fast-paced, 24/7 environment alongside a team of supervisors, specialists, and analysts to ensure smooth operations and high security standards. **Key Responsibilities**: - Supervise daily control center operations and specialist...