Risk and Compliance Analyst - APAC

Inchcape is the leading global automotive distributor operating in more than 40 markets. We partner with some of the biggest brands in the business to power better mobility today and in the future.

Our diverse global team of over 20,000 talented people foster an inclusive and collaborative culture, championing a brilliant experience for our customers and partners. We’re a dynamic and fast-growing business, dedicated to shaping a successful and sustainable future for the industry.

Here, you will unlock your full potential with career opportunities and learning experiences. You’ll work with cutting-edge technology, ground-breaking innovation, and forward-thinking colleagues. If you are highly driven with a can-do attitude, and you bring out the best in yourself and others, then join us to power new futures.

Risk and Compliance Analyst – APAC

Duties and Responsibilities:
- Direct report to Regional Security Manager
- Conduct security risk assessment for APAC markets
- Perform gap analysis based on NIST Security framework
- Assist in conducting Business Impact Assessment (BIA) for existing markets and new M&A
projects
- Aid markets in closing audit findings and gaps
- Point of contact for security risks and non-compliance identified in the markets
- In charge in tracking all security risks for the markets until closure
- Work with different IT teams in remediating security vulnerabilities for the markets
- Perform security assessment on third-party vendors and new projects
- Coordinate vulnerability remediation activities with relevant IT groups
- Prepare status report on a regular basis
- Contribute to other risk, security, compliance initiatives and services as appropriate
- Perform other tasks as assigned by Regional Security Manager

Qualifications:
- Graduate of any 4- year IT Security related course
- 2-3 years of risk management and security compliance experience
- Preferably has a background in car distribution/retail industry
- Proven knowledge on NIST Security Framework
- Familiarity with security tools such as SIEM, Nessus, Intruder, Sentinel One, Netskope,
Proofpoint, etc.
- Preferably with at least one security or risk management related certification (e.g., CISA,
CRISC, CISM, CISSP)
- Has good communication skills
- Can work effectively with diverse groups
- Can work under pressure with minimal supervision

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.