About Lightnet Group:
Lightnet Group is a leading fintech organization committed to revolutionizing global payments through cutting-edge technology and strategic partnerships. Headquartered in Singapore, with regional hubs in Thailand, we are dedicated to providing innovative cross-border payment solutions.
Position Overview:
Ensure all products and entities meet regulatory and security requirements. Build the control framework, evidence pipeline, and audit readiness so shipping never blocks compliance.
Key responsibilities
- Own the IT control framework mapped to ISO 27001, SOC 2, PDPA, and relevant central bank or securities regulator guidance
- Run risk assessments, control testing, and remediation tracking with Engineering and Ops
- Maintain policies, SOPs, and secure SDLC checkpoints including third-party and change management
- Coordinate internal and external audits, collect evidence, and close findings on time
- Monitor data protection controls, DLP, access reviews, logging, and retention
- Drive vendor risk management and BCP/DR exercises
- Report compliance posture and risks to management with clear metrics
Requirements
- 5 to 8 years in IT compliance, IT audit, or GRC in a tech or financial services company
- Hands-on experience with ISO 27001, SOC 2, PDPA, and secure SDLC practices
- Strong evidence collection discipline and audit communication skills
- Ability to work closely with product and engineering teams without slowing delivery
Nice to have
- Experience with PCI DSS, MAS TRM or regional equivalents
- GRC tooling experience and relevant certifications such as ISO 27001 LA or CISA
Lightnet Group is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences. Only shortlisted candidates will be contacted.