Senior IT Security & Compliance Specialist
Singapore, Singapore (Wavecell)
Wavecell, an 8x8 Company – Engineering
Wavecell, an 8x8 company, is a Global Communications Platform as a Service (CPaaS) focusing on SMS, Chat Apps, Video Interaction and Voice to enhance customer experience and business productivity. Wavecell's mission is to help companies and developers to easily integrate efficient new communication channels into their products and applications. We provide cloud-based real-time communication services for Enterprises and Application Developers. We deliver services to global customers in more than 200 countries. Our business is growing significantly, and we are hiring talents seeing challenges and fun. Wavecell is headquartered in Singapore with offices in the Philippines, Indonesia, Thailand, Hong Kong, and others. Our ambition is to become the Global leader in Cloud Communications API services. At Wavecell, you will have the opportunity to work in a dynamic and innovative start up environment. We are seeking brilliant, self-motivated and passionate individuals who are willing to make a difference in the industry.
Reporting jointly to Wavecell’s VP of Engineering and the overall 8x8 CISO this Senior Security and Compliance Professional will be responsible for working with Wavecell and 8x8 DevOps, product management, marketing and other 8x8 / Wavecell groups.
This position will work to further secure Wavecell customer data and ensure compliance with all APAC, US, UK, EU, SA regulatory compliance requirements including, but not limited to GDPR, SOX, PCI-DSS, HIPAA, ISO 27001:2013, NIST 800-53 Rev. 4/FISMA, SOC II regulatory compliance standards. This will include working with our 8x8 DPO, GC and Global legal and other teams to assist with the technical side of GDPR and other global data privacy regulatory requirements.
This position will also be responsible for providing security and compliance assurance support to any outside auditors, 8x8/Wavecell Salespeople and Reseller Partners and directly to customers. This will include handling customer security and compliance inquiries, direct meetings with customer security and compliance teams and completing our customer compliance questionnaires and other requests. It will also include working with our 8x8 legal team to provide security and compliance guidance during customer contract negotiations.
Responsibilities will also include working with our 8x8 business team’s and 8x8 legal to ensure all 8x8 3rd party vendors meet our minimum security and compliance standards and then help negotiate contracts with these 3rd parties to ensure that these security and compliance requirements are agreed to legally.
The Senior Security and Compliance Professional will also work with DevOps and product management and our 8x8 AppSec team to ensure that during the early feasibility and design phases the 8x8/Wavecell applications infrastructure meet all major regulatory requirements. Work will be done primarily at 8x8 Wavecell APAC offices. However, there may be occasional trips to San Jose, CA, USA and other 8x8 locations.
We are offering an exciting opportunity to work in an international, dynamic environment that allows personal and professional developments. You will evolve in fast growing cloud communication company based on performance and achievement.
Ensuring that the 8x8 Wavecell products and solutions meet all related compliance standards successfully
Working with each of the related external auditors
Responsible for providing security and compliance assurance support to 8x8 Sales and our customers
Responsible for working with our 8x8 legal team on customer contract negotiation
Responsible for working with our 8x8 business team’s and 8x8 legal to ensure all 8x8 3rd party vendors meet our minimum security and compliance standards and then help negotiate contracts with these 3rd parties to ensure that these security and compliance requirements are agreed to legally
Responsible for working with our 8x8 DPO, GC and Global legal team to ensure compliance with data privacy requirements
Responsible for working with DevOps and product management and our 8x8 AppSec team to ensure that 8x8 applications and global infrastructure meet all major regulatory requirements
In conjunction with our 8x8 AppSec team, work with 8x8 strategy and planning in designing future architectures that enable 8x8 to meet its present and anticipated future security and regulatory compliance law goals
In conjunction with our 8x8 AppSec team, work with 8x8 product and marketing, product management and other 8x8 groups to ensure our products and solutions are engineered to enable them to meet regulatory compliance law requirements
Representing 8x8 externally at conferences and other events, including public speaking engagements
Desired skills and experience:
At least 8-10 years direct enterprise level compliance responsibility experience
At least 8-10 years direct enterprise security experience
Extensive experience with US IT SOX compliance, HIPAA, NIST 800-53 rev. 4, ISO 27001:2013, PCI-DSS v3.2, Global Data Privacy and other regulatory requirements.
Certifications including at least CISSP with CISM and/or Ethical Hacking a plus
Ability to work independently as well as in a team environment
Excellent communication and interpersonal skills
Strong organizational and problem-solving skills
Flexible schedule to accommodate 10% travel and working across time zones
Bachelor’s and/or Master’s Degree in MIS/ IT from a leading institute.
Written and verbal fluency in Business English is a must.
At Wavecell, you will have the opportunity to work in a dynamic and innovative working environment. Being a part of our team means that you contribute to shape how the businesses and consumers communicate through next generation technology advancements within the cloud communications industry. We believe in the power of teamwork and to also entrust core responsibilities to each and every employee to drive success for the company. We look forward to having motivated and driven individuals to journey with us to grow our global,
fully-unified cloud communications platform.