Tech Stack

Description

You will join the Security GRC team to proactively identify, assess, and mitigate information security risks, supporting the development of governance frameworks aligned with business objectives. You'll work with security and technology leaders to build scalable GRC programs.

Requirements

• 8+ years in information security and GRC
• Experience with risk management methods, standards, and processes (e.g., NIST CSF/RMF, ISO 31000)
• Knowledge of Korean and international info security and privacy regulations
• Technical experience with IT infrastructure, services, and AWS cloud
• Bachelor's degree

Responsibilities

• Build and manage information security governance/risk frameworks aligned with strategic goals
• Conduct regular risk assessments and report findings to management and stakeholders
• Standardize risk management and GRC activities across Coupang entities and subsidiaries
• Review Korean and international information security and privacy regulations to ensure compliance
• Collaborate with stakeholders to communicate security requirements and GRC activities effectively