Regional Compliance and Security Specialist

Regional Compliance and Security Specialist Privacy Compliance Projects & Risk Management Lead major regional privacy compliance projects and provide privacy security & compliance support. Take the lead in business system compliance reviews, Privacy Impact Assessments (PIA), and data security risk assessments. Identify potential risks, propose actionable rectification suggestions, and take the management to ensure risks are controllable. Track the dynamics of domestic and international privacy protection and data security legislation (e.g., EU GDPR, Data Act, AI Act; US CCPA, CPRA; Hong Kong PDPO). Analyze regulatory trends and law enforcement cases, and promptly deliver compliance interpretations and response strategies. Compliance Policy Development & Technical Implementation Develop and continuously optimize privacy and data security compliance policy and internal rules, operation guidelines, and checklists for business systems. Promote the implementation of policy and rules, monitor reviews, and drive continuous improvement. Promote the integration of compliance requirements into the security technology architecture. Be responsible for implementing network and information security management system requirements in the region and strictly enforcing the network security baseline of HQ. Regional Compliance Management & Risk Closed-Loop Take full responsibility for the region’s compliance management work. Develop and improve various compliance management systems and process mechanisms to enhance the standardization of management. Coordinate regional compliance management team resources, collaborate with Finance BP, Legal BP, HR BP, and overseas units’ part-time compliance administrators. Conduct compliance risk identification, assessment, consultation, and response in key areas. Focus on high-risk and frequent issue areas in the region. Assist the headquarters in conducting special supervision and inspections, and promote issue notification, accountability, and rectification to Risk Closed-Loop. Compliance Training & Culture Building Organize privacy and data compliance training. Compliance dissemination of laws and regulations, company systems, and relevant policy requirements to improve all employees’ compliance awareness and practical capabilities. Support internal and external audits and regulatory inspections. Foster a regional atmosphere of proactive compliance and drive the construction of compliance culture in the region. Job Requirements Basic Qualifications & Work Experience Master's degree or above in Law, Auditing, or related majors. Possess good English/Mandarin reading, writing, and communication skills (English/Mandarin can be used as a working language). Candidates with privacy and security certifications such as CIPP/E, CIPP/US, CIPM, CIPT, and CISSP, or CISA are preferred. At least 5 years of work experience in personal information protection, data compliance, information security governance, or other compliance fields. Work experience in multinational technology enterprises, large Internet companies, well-known law firms, or consulting institutions is preferred. Candidates with project experience in data outbound assessment and data cross-border compliance transformation are preferred. Professional Knowledge & Core Competencies Familiar with major domestic and international privacy and data protection laws and regulations. Understand privacy and information security standards and certification systems such as ISO 27001, ISO 27701, and SOC 2. Candidates with experience in supporting the acquisition of international certifications such as ISO 27701 and SOC 2 are preferred. Familiar with the concept of Privacy Engineering and understand how to translate compliance requirements into system design and technical implementation. Possess clear logic, excellent Chinese and English communication and coordination skills, and cross-departmental promotion capabilities. Able to collaborate efficiently with multiple teams such as legal, technology, and security. Professionalism Possess strong ability to work under pressure and problem-solving skills. Maintain continuous enthusiasm for the field of privacy protection and compliance auditing. #J-18808-Ljbffr