IT GRC Specialist / Senior Specialist (Security & Resilience) - Bangkok Based, Relocation Provided

Описание вакансии

About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

Get to Know Our Team – Security & Resilience at Agoda

At Agoda, our Security & Resilience Department plays a critical role in safeguarding the organization. We oversee security, governance, risk management, compliance, and security operations—alongside business resilience capabilities including Business Continuity Management (BCM), Disaster Recovery (DR), and Crisis Management.

Our mission is to ensure Agoda can prevent, withstand, and recover from disruptions, whether cyber, operational, or external, while protecting our people, customers, and business.

As the security and resilience landscape evolves at an incredible pace, we pride ourselves on being early adopters of emerging technologies and innovative solutions. If you’re passionate about working with cutting-edge tools in a fast-moving, dynamic environment, this is an exciting challenge to take on.

The Opportunity

We are looking for a dedicated GRC (Governance, Risk Management & Compliance) Specialist/Sr. Specialist to join our team.

In this role, you will collaborate closely with internal stakeholders to manage Information Security, Compliance, and Resilience risks. You’ll contribute across multiple areas including risk management, business continuity, disaster recovery, and broader GRC initiatives.

We’re seeking someone who is an independent, proactive thinker, a strong stakeholder manager, and a natural team player.

This position is open to both local and international candidates, with relocation support available for eligible candidates to ensure a smooth transition to living and working in Bangkok.

In This Role, You Will:

• Apply strong knowledge of Risk Management, GRC functions, IT General Controls (ITGC), and industry frameworks (e.g., NIST CSF, PCI DSS, and other leading standards)
• Contribute to Business Continuity Planning (BCP), Disaster Recovery (DR), and Crisis Management programs, ensuring alignment with business and regulatory requirements
• Support Business Impact Analyses (BIAs) and help map critical functions, systems, and dependencies
• Continuously assess risks and ensure IT policies, procedures, and standards are effectively embedded into daily operations
• Deliver high-quality work in a dynamic environment with minimal supervision
• Partner with internal teams to enhance and mature security and resilience controls
• Track and ensure timely remediation of audit and risk assessment findings—never missing a deadline
• Proactively identify gaps and recommend improvements through strong written and verbal communication

What You’ll Need to Succeed:

• Bachelor’s degree in Business, Computer Information Systems, Computer Science, Information Systems Management, or equivalent experience
• At least 2–4 years of experience in a technology role, preferably within a security or resilience environment
• Strong understanding of international Information Security standards and frameworks
• Familiarity with BCM, DR, or Crisis Management concepts is a plus
• Ability to manage multiple projects and balance competing priorities
• Comfort analyzing operational and technical data under tight deadlines
• Independent, self-driven mindset with strong problem-solving skills
• Excellent communication and presentation skills, with the ability to explain complex concepts clearly
• Strong project management capabilities

It’s Great If You Have…

• Experience leading global projects across multiple regions
• Demonstrated strengths in:

+ Attention to Detail – thorough and conscientious in execution

+ Stakeholder Management – ability to work effectively with clients and leadership

+ Oral Communication – clearly conveys complex information

+ Problem Solving – identifies issues and determines accurate, relevant solutions

• Professional certifications such as CISA, CRISC, CISSP, or other relevant credentials

If you’re ready to help shape and strengthen both security and resilience in a global organization while working alongside talented professionals in an innovative environment, we’d love to hear from you.

Discover more about working at Agoda

• Agoda Careers https://careersatagoda.com
• Facebook https://www.facebook.com/agodacareers/
• LinkedIn https://www.linkedin.com/company/agoda
• YouTube https://www.youtube.com/agodalife

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.