IT and Security Risk Officer

This is Adyen

Adyen is the financial technology platform of choice for the world's leading companies, delivering frictionless payments across online, mobile, and in-store channels. Our team members are motivated individuals that help each other do remarkable things every day. We face unique technical challenges at scale and we solve those as a team. And together, we deliver innovative and ethical solutions that transform the way the world pays.

Tech Risk Officer (Enterprise Risk) 

Adyen is both a global technology company and a locally regulated financial services entity. We combine the best of both worlds; the innovative strengths of technology with the stability of our financial licenses. We operate a single central technology setup and do this globally. This means you will interact with second line colleagues across 28 locations , and act as the single point of contact  for the implementation of information technology and security  requirements in the Asia-Pacific region. 

The Tech Risk team within the second line Enterprise Risk function ensures that risk management practices are applied across Adyen’s technological environments, teams and initiatives. The key risks it covers are those of Information Technology and Information Security (IS/IT). This continuous task requires a close relationship with Adyen technical engineering teams in the first line, in order to understand changes in the tech landscape but also to guide them in relation to risk mitigation needs.  

The ideal candidate is a knowledgeable IS and IT risk professional, with relevant experience in IS/IT Governance, Risk and Compliance activities.  The candidate will have previous experience with regulatory response activities. Additionally, the candidate has good technical understanding, and can contribute to advancing the Adyen Security and IT/IS framework to the next level of maturity in the region, providing guidance in areas such as Information Security and IT Resilience, Data management or AI Governance.

What you will do

• Operates as the Adyen second line Enterprise Risk representative (Risk Officer) in the APAC region, providing strategic leadership and oversight for risk management from our Singapore office. 
• Collaborate with the global risk management team to redirect or jointly answer risk management questions and challenges outside of the technology risk domain
• Provide local Security and IT Risk input to regulatory inquiries on Adyen’s IT and security posture, and participate in relevant regional risk activities.   
• Execute on the global Information Security and IT Risk Assessments across a number of diverse Security and  IT domains and assets, advising on and ensuring risk mitigation actions are implemented. 
• Maintain and further develop the Adyen IT and Information Security Policies and contribute to the maturity of the Information Security and IT Risk Framework. 
• Engage with key stakeholders and work cooperatively to identify, create, develop or implement mitigations to IT and Security risks, and actions that drive policies adoption and process maturity.
• Collaborate with other Enterprise risk domains, in order to incorporate Security and IT risks into Adyen’s risk profile, ensuring those are considered when evaluating company objectives.
• Collaborate with other second-line teams (typically regulatory, compliance and privacy) in the implementation of Security and IT requirements, as well as engage with local auditors or external partners (externally) as a trusted point of contact for the specific risk domains, globally.
• Identify and drive process improvements that enhance scalability and efficiency of the Tech Risk team.
• Represent risk management in local executive boards across APAC together with the VP of Enterprise Risk.  

Who you are

• You have between 5 to 15 years experience with Security and IT risk management, working with(in) the second line risk management in a financial institution, technology company or as a technology risk consultant in a Big 4 firm or comparable. 
• You have a clear understanding of Technology and Information Security domains, such as IT Resilience, vulnerability management, Security incident response, secure development, etc. and have an understanding of recognized industry frameworks. 
• You feel comfortable explaining risks associated with Information Security or IT areas, to engineers or other business stakeholders, as well as recommending risk mitigations and enabling risk monitoring by building risk indicators.
• You have experience in engaging with regulators or in regulatory projects, with understanding of requirements related to Security and IT risk management for regulated institutions or the payments industry in the APAC region.
• You are passionate and driven about building for risk management, owning projects and objectives in the medium, long term.
• You are practical, innovative, flexible with strong problem-solving capabilities and able to define efficient and effective processes and procedures.
• You have strong written and verbal communication skills. 

Our Diversity, Equity and Inclusion commitments 

Our unique approach is a product of our diverse perspectives. This diversity of backgrounds and cultures is essential in helping us maintain our momentum. Our business and technical challenges are unique, and we need as many different voices as possible to join us in solving them - voices like yours. No matter who you are or where you’re from, we welcome you to be your true self at Adyen. 

Studies show that women and members of underrepresented communities apply for jobs only if they meet 100% of the qualifications. Does this sound like you? If so, Adyen encourages you to reconsider and apply. We look forward to your application!

What’s next?

Ensuring a smooth and enjoyable candidate experience is critical for us. We aim to get back to you regarding your application within 5 business days. Our interview process tends to take about 4 weeks to complete, but may fluctuate depending on the role. Learn more about our hiring process here. Don’t be afraid to let us know if you need more flexibility.

This role is based out of our Singapore office. We are an office-first company and value in-person collaboration; we do not offer remote-only roles.