Job Title: Governance, Risk, Compliance and Data Privacy Expert
Top 3 Reasons To Join Us
- Competitive Salary
- 100% Globally Remote
- Working on the latest tech for the Insurtech Market Leader
At CoverGo, our mission is to empower all insurance companies to make insurance 100% digital and accessible to everyone.
- We are a leading global no-code insurance platform for health, life, and P&C
- We’re the winner of the Insurtech of the Year in all of Asia and other awards globally
- We work with insurance enterprise clients such as AXA, Bupa, MSIG, Dai-ichi, Bank of China Group Insurance, and many more
- We’re an international, diverse team of over 120 people with 30 nationalities and team members working remotely from all over the world
- We are fully funded and backed by reputable VC funds and strategic institutional investors
- We have offices in the US, Singapore, Hong Kong, UAE and Vietnam
- We’ve grown our annualized revenue by over 30x since January 2021
- We’re constantly working towards making CoverGo a workplace that you love coming to. We deeply believe that bringing together a diversity of thoughts, expressions, and perspectives is key to building the best culture for equally diverse communities all over the world
What You Will Do
You will join our small but growing security team, reporting directly to the Head of Security. This is a mid-to-senior-level role. Your tasks will be based on your previous experience, skill set, and career ambitions. The domains listed in the “What We Need” section outline the breadth of tasks you will face. Your main focus will be in the areas of ISO 27001 certification maintenance and international data privacy. However, we expect you to do more and get involved in other domains as well, depending on the needs of the organization.
This role has no personnel responsibilities; it is primarily focused on solving compliance challenges. We work in agile environments, using a lightweight approach to organize our work in a ticketing system. Your success will depend on the concrete output you deliver to the organization. You will have great autonomy and be able to choose your toolchain, hours of work, and method of problem-solving, as long as you deliver the desired result.
A typical day in this role consists of some of the following activities: agile team ceremonies, designing new and validating existing controls, incident management, providing training and awareness, offering compliance advice to teams, and delivering customer presentations of our control framework.
Depending on your abilities and career ambitions, a shift to more managerial tasks and potentially adding personnel responsibility to the role is possible in the next few years. Additionally, you may have the opportunity to be appointed as a data privacy officer.
What We Need
We are looking for a talented and motivated GRC & Data Privacy Expert to help us take CoverGo’s compliance maturity to the next level. This role is perfect for you if you like solving a wide variety of international compliance and privacy challenges to enable CoverGo to grow responsibly.
Hands-on experience in at least two of the following four GRC & Data Privacy domains:
- ISO 27001 or SOC2 (or similar) control implementation and experience in passing audits.
- GDPR management systems to embed privacy controls in a tech organization and demonstrate compliance.
- GRC control automation to reduce manual effort in submitting or validating controls, using modern technologies such as APIs and federated IAM.
- Compliance framework demonstrations that convince Leads and Customers of your organization’s control maturity, such as Trust Portals, pre-sales presentations, and Privacy Impact Assessments.
Ideally, you have experience in the processes and technologies involved in shipping and releasing modern SaaS solutions, including source code management, CI/CD, AWS, Azure, and Kubernetes.
- Self-starter and solution-driven, actively solving problems rather than creating more or shifting them elsewhere.
- Ability to obtain organizational buy-in and explain compliance concepts to both engineers and business people.
- Applying context-driven GRC & privacy controls that materially improve the company’s compliance posture, rather than blindly enforcing checklists or standards for the sake of compliance.
- Excellent written and spoken English skills, with experience in handling customer-facing negotiations and presentations.
- Extremely self-organized, with ideally prior experience working in fully remote teams.
Why You’ll Love Working Here
- Fully remote employment: work from anywhere and/or occasionally from one of our physical offices in Vietnam, Singapore or Hong Kong
- Local time zone office hours, work on your own schedule
- Paid annual leave
- Employee stock options
- Performance bonus
- Company activities & team offsites to exotic locations
- Training and development plan
To apply for this job please visit apply.workable.com.