职位详情
About the Role:
We are looking for a highly capable and experienced Risk & Compliance Specialist to join Lazada’s expanding cyber security team. In this position, you will take a central role in overseeing Third-Party Risk Management (TPRM) and Information Technology (IT) risk throughout Lazada’s operational landscape. Your responsibilities will include evaluating, tracking, and reducing risks tied to external vendors and internal IT systems, ensuring alignment with international standards and industry best practices.
This is a practical, action-oriented role that demands solid expertise in cyber security, sound independent judgment, strong communication abilities, and a forward-thinking approach. Given Lazada’s dynamic, multi-market presence across Southeast Asia, the ideal candidate must have proven experience in global risk management, a broad understanding of international regulations, and the capability to use data-driven analysis to detect, evaluate, and address risks efficiently.
The successful individual will be able to manage full-cycle risk assessment initiatives, apply data analytics to guide risk strategies, and work collaboratively with cross-functional groups such as procurement, legal, information security, and regional business units.
Key Responsibilities:
● Oversee end-to-end Third-Party Risk Management (TPRM) activities, including risk evaluations, due diligence checks, control assessments, and continuous vendor monitoring.
● Perform in-depth IT risk assessments across applications, infrastructure, and cloud-based environments.
● Design and maintain risk frameworks, policies, and procedures that align with recognized standards (e.g., ISO 27001, NIST).
● Partner closely with procurement, legal, information security, and business teams to support informed, risk-conscious decisions.
● Generate comprehensive risk reports and communicate findings and action plans to stakeholders and senior leadership.
● Lead enhancements in risk tools, processes, and automation by applying data analytics and performance metrics.
● Use data insights to anticipate emerging risks, evaluate control performance, and assist in strategic risk prioritization.
● Maintain awareness of evolving cyber threats, regulatory changes, and risk developments across global markets.
● Apply a cross-border risk perspective when assessing vendor and IT risks across multiple jurisdictions and compliance frameworks.
We are looking for a highly capable and experienced Risk & Compliance Specialist to join Lazada’s expanding cyber security team. In this position, you will take a central role in overseeing Third-Party Risk Management (TPRM) and Information Technology (IT) risk throughout Lazada’s operational landscape. Your responsibilities will include evaluating, tracking, and reducing risks tied to external vendors and internal IT systems, ensuring alignment with international standards and industry best practices.
This is a practical, action-oriented role that demands solid expertise in cyber security, sound independent judgment, strong communication abilities, and a forward-thinking approach. Given Lazada’s dynamic, multi-market presence across Southeast Asia, the ideal candidate must have proven experience in global risk management, a broad understanding of international regulations, and the capability to use data-driven analysis to detect, evaluate, and address risks efficiently.
The successful individual will be able to manage full-cycle risk assessment initiatives, apply data analytics to guide risk strategies, and work collaboratively with cross-functional groups such as procurement, legal, information security, and regional business units.
Key Responsibilities:
● Oversee end-to-end Third-Party Risk Management (TPRM) activities, including risk evaluations, due diligence checks, control assessments, and continuous vendor monitoring.
● Perform in-depth IT risk assessments across applications, infrastructure, and cloud-based environments.
● Design and maintain risk frameworks, policies, and procedures that align with recognized standards (e.g., ISO 27001, NIST).
● Partner closely with procurement, legal, information security, and business teams to support informed, risk-conscious decisions.
● Generate comprehensive risk reports and communicate findings and action plans to stakeholders and senior leadership.
● Lead enhancements in risk tools, processes, and automation by applying data analytics and performance metrics.
● Use data insights to anticipate emerging risks, evaluate control performance, and assist in strategic risk prioritization.
● Maintain awareness of evolving cyber threats, regulatory changes, and risk developments across global markets.
● Apply a cross-border risk perspective when assessing vendor and IT risks across multiple jurisdictions and compliance frameworks.
2026-07-04 13:53
IP属地:浙江杭州
职位福利
本科3-5年CISSP/CISP安全审计计算机/信息安全相关专业数据安全管理经验熟悉ISO27001标准GRCCISAIT审计经验英语,风险管理供应商安全CISM

深圳市来赞达软件科技有限公司
未融资 · 1000-9999人


鱼泡安全保障
如遇到办证收费、刷单、传销、诱导买车等违规行为,请立即向鱼泡直聘投诉举报投诉举报 >

附近适合您的职位
汽车信息安全方案专家
5-8万元/月
网络安全5-10年本科信息安全解决方案21434计算机/信息安全相关专业攻防对抗经验操作系统安全车云安全C/C++CISSP/CISP安全体系架构和研发SDL经验安全架构搭建经验安全产品/平台开发经验
杭州 余杭区

先生 · 理想汽车5日内活跃







