GRC Specialist/Sr. Specialist, Information Security & Compliance

About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

Get to Know Our Team – Security at Agoda

At Agoda, our Security Department plays a critical role in safeguarding the organization. We oversee security, governance, risk management, compliance, and security operations across the company—ensuring there are no breaches or vulnerabilities that could impact our business or our people.

As the security landscape evolves at an incredible pace, we pride ourselves on being early adopters of emerging technologies and innovative solutions. If you’re passionate about working with cutting-edge tools in a fast-moving, dynamic environment, this is an exciting challenge to take on.

The Opportunity

We are looking for a dedicated GRC (Governance, Risk Management & Compliance) Specialist/Sr. Specialist professional to join our team.

In this role, you will collaborate closely with internal stakeholders to manage Information Security and Compliance risks. You’ll contribute across multiple areas including IT SOX compliance, risk management, and broader GRC initiatives.

We’re seeking someone who is an independent, proactive thinker, a strong stakeholder manager, and a natural team player.

This position is open to both local and international candidates, with relocation support available for eligible candidates to ensure a smooth transition to living and working in Bangkok.

In This Role, You Will:

• Apply strong knowledge of Risk Management, GRC functions, IT SOX Compliance, IT General Controls (ITGC) and industry frameworks (e.g., NIST CSF, PCI DSS and other leading standards).
• Support and manage IT SOX compliance activities, including control design, testing, documentation, and remediation tracking.
• Continuously assess risks and ensure IT policies, procedures, and standards are effectively embedded into daily operations.
• Deliver high-quality work in a dynamic environment with minimal supervision.
• Partner with internal teams to enhance and mature security controls.
• Track and ensure timely remediation of audit and risk assessment findings—never missing a deadline.

Looking to advance your IT & Network Engineering career with relocation support? Explore IT & Network Engineering Jobs with Relocation Packages that include comprehensive packages to help you move and settle in your new role.

• Proactively identify gaps and recommend improvements through strong written and verbal communication.
  
  

What You’ll Need to Succeed:

• Bachelor’s degree in Business, Computer Information Systems, Computer Science, Information Systems Management, or equivalent experience.
• At least 2-4 years of experience in a technology role, preferably within a security environment.
• Strong understanding of international Information Security standards and frameworks.
• Ability to manage multiple projects and balance competing priorities.
• Comfort analyzing operational and technical data under tight deadlines.
• Independent, self-driven mindset with strong problem-solving skills.
• Excellent communication and presentation skills, with the ability to explain complex concepts clearly.
• Strong project management capabilities.
  
  

It’s great if you have…

• Experience leading global projects across multiple regions.
• Demonstrated strengths in:
• Attention to Detail- Is thorough when performing work and conscientious about attending to detail.

Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.

• Stakeholder management- Works with clients and leadership.
• Oral Communication- Expresses information to individuals or groups effectively.
• Problem Solving- Identifies problems; determines accuracy and relevance of information.
• Professional security certifications such as CISA, CRISC, CISSP, or other relevant Information Security credentials.
  
  

If you’re ready to help shape and strengthen security in a global organization while working alongside talented professionals in an innovative environment, we’d love to hear from you.

Discover More About Working At Agoda

• Agoda Careers https://careersatagoda.com
• Facebook https://www.facebook.com/agodacareers/
• LinkedIn https://www.linkedin.com/company/agoda
• YouTube https://www.youtube.com/agodalife
  
  

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.