[Corporate] Senior Information Security Specialist

Save
Job updated 17 days ago
The employer was active 2 days ago

Job Description

KKCompany Technologies Group is a leading technology group in software services. We have created the world’s first legal music streaming platform, KKBOX, and are an international software technology group focused on “multimedia technologies, digital cloud, and AI applications” as our core business to create value for the customers. The group consists of self-owned brands including KKBOX, BlendVision, and Going Cloud with enterprise customers across Asia. KKCompany Technologies has attained OpenChain ISO/IEC 5230 and ISO 27001 third-party international certification.

We have over 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong. For more information please visit our website: www.kkcompany.com and blog: blog.kkcompany.com

Senior Information Security Specialist

We are looking for an experienced Information Security Specialist who can operate independently and keep KKCompany’s rapidly scaling business aligned with ISO/IEC 27001, ISO/IEC 27701, and other relevant security and privacy requirements. You will drive internal audits, policy development, and security-awareness initiatives while collaborating with colleagues across product, operations, and compliance to embed a security-first mindset as the company grows. If you want a role that blends strategic impact with hands-on ownership of security and privacy, you’ll feel right at home here.

Responsibilities:

    • Lead internal audits against ISO 27000-series standards, track remediation, and manage external audit schedules and evidence.
    • Develop, update, and enforce information security and privacy policies, procedures, and records to meet regulatory and standard requirements.
    • Monitor developments in security and privacy regulations (e.g., PDPA) and advise on control adjustments.
    • Conduct annual risk assessments, maintain the risk register, and coordinate mitigation actions across teams.
    • Design and deliver security and privacy awareness training and campaigns to raise organization wide security awareness.
    • Collaborate with engineering, cloud operations, legal, and external consultants to ensure controls remain effective and aligned with business needs.

    Requirements

    Requirements:

    • ISO/IEC 27001:2022 Lead Auditor certification, or equivalent direct audit experience.
    • Minimum 2 years of experience in information security management or security audit roles, with proven experience leading ISO 27001 internal audits.
    • Practical skills in drafting and maintaining security and privacy policies and procedures aligned with recognized standards.
    • Familiarity with risk assessment methodologies and experience maintaining a risk register.
    • Ability to design and deliver security awareness materials or training sessions for non-technical audiences.
    • Comfortable reading English standards and regulations and producing concise written documents; basic spoken English for discussions when required.
    • Strong interpersonal and coordination skills to work with colleagues from different functions and with external advisors.
    • Familiarity with project or issue tracking tools such as GitLab or Jira, and basic project management practices.

    Nice to Have:

    • Background in technology, software, or cloud service companies.
    • Additional certifications such as CEH, CISA, CISM, CIPM, or ISO/IEC 27701 Lead Auditor certification.
    • Excellent presentation, training, or cross cultural collaboration experience.
    • Demonstrated proactivity and problem solving skills, with the ability to influence multiple teams on security matters.
    View all jobs
    View all jobs
    Save
    Personal Invitation Link
    This is your personal referral link for job invitation. You'll receive an email notification when someone applied for the position via your job link.
    Share this job
    Logo of KKCompany.

    About us

    頂尖跨國科技集團科科科技(KKCompany Technologies)為軟體服務領航者,以「多媒體串流、數位雲端、AI 應用」為技術與事業發展核心,致力於為客戶創造價值。

    科科科技相信「Innovation Made Simple」,科技能為各個產業所面臨的難題帶來解答。成立 20 年,集團旗下包含音樂串流 KKBOX、多媒體科技 BlendVision、雲端智慧 Going Cloud 等自有產品品牌。創立全球第一個合法音樂串流平台(KKBOX),運用領先的多媒體影音串流技術為用戶創造美好體驗。藉由自有品牌與服務國際大型企業客戶,累積海量數據與不斷進化的分析能力,以及豐富的品牌營運等經驗,協助企業成功推動數位轉型。服務超過千萬消費者,企業客戶遍佈全亞洲,涵蓋電信、影音媒體、線上教育、運動健身、智慧零售等不同領域產業。

    科科科技集團在東京、新加坡、台北、高雄、香港等地設有辦公室,擁有超過 500 位同仁。

    Multinational technology group KKCompany Technologies is a pioneer in the field of software services. The company is dedicated to creating values for customers with core businesses of multimedia technologies, digital cloud, and AI applications.

    At KKCompany, we believe “Innovation Made Simple,” and technology is the answer to the struggles faced by every industry. Since its establishment two decades ago, KKCompany has expanded its portfolio, including KKBOX, BlendVision and Going Cloud. KKBOX is the world’s first platform bringing legal music streaming service to the public. It utilizes state-of-the-art streaming technology to enable excellent user experience. Our flagship brands and a base of international clients enable us to accumulate extensive data and advance analytical capabilities. The strengths along with our abundant experience in brand management help businesses achieve digital transformation successfully. We serve over tens of millions of consumers and enterprise clients in Asia cross a broad spectrum of industries such as telecommunication, multimedia, online education, fitness, smart retail and more.

    KKCompany now has over 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong.