Portfolio Company Careers

Discover opportunities across our network of values-driven companies!
Sovereign’s Capital
Sovereign’s Capital

Assistant Manager, Regional Governance



Posted on Tuesday, June 11, 2024

Company Description

About Grab and our workplace

Grab is Southeast Asia’s leading superapp. We are dedicated to improving the lives of millions of users across the region by providing them everyday services such as deliveries, mobility, financial services, enterprise services and others. More than that, we provide the opportunity for them to have a better life. And that aspiration starts inside Grab because we believe in a seamless blend of work and home life, making every aspect of life better for all.

Guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles—the 4Hs: Heart, Hunger, Honour and Humility—we work to create economic empowerment for the people of Southeast Asia. With our unwavering commitment to our values, we believe that we're more than a service provider; we're agents of positive change.

Job Description

Get to know the team

The Grab Commercial & Support team is responsible for developing, shaping and executing a holistic customer experience strategy for Grab. We advocate for our users, think in their shoes and embrace a strong sense of ownership and accountability, leveraging on technology platforms to maximise the support efficiency for our agents to solve our consumers and partners’ problems. We are obsessed with delivering world class experience to our users on the journey of their lives.

Get to know the role

As a Regional Assistant Manager, you are an individual contributor within the Grab Commercial & Support Governance function to assess and support key projects and platforms (internal and external) used by but not limited to our agent support specialists, and through balancing risk, compliance and business operational needs.

You will be working and collaborating with internal teams from Country, Cybersecurity, IT controls, Risk and Compliance, specifically on Southeast Asia Cyber Regulatory and Data Security requirements.

You will play a critical role in the delivery of a wide range of initiatives - from quick wins, to lengthy and complex audit executions, risk and compliance programs for Grab Commercial & Support, not limited to contact center operations and vendor outsourcing. For certain projects and platforms, you will be expected to serve as the subject matter expert and/or provide operational support on an ongoing basis and adopt a strong sense of ownership.

IT Security and Operational Risk Management

  • Be a subject matter expert on IT infrastructure, security and operational controls for Grab Commercial & Support in alignment with Grab’s policies and standards

  • Design, implement and sustain the risk management framework and program for Grab Commercial & Support

  • Provide cost effective recommendations to mitigate business risks and strengthen internal controls

  • Develop, maintain and update critical process and procedure documentation with clear ownership

  • Assist in the development, implementation and maintenance of Business Continuity Plans for Grab Commercial & Support operations

  • Participate in new IT security initiatives implementation, take a hands-on approach and partner with Grab Technology Solutions and Grab Commercial & Support stakeholders to perform user acceptance tests, implement and adopt procedures and access controls in accordance with Grab’s policies

  • Build and enhance IT control monitoring automation capabilities and roadmap through various alerting and data tools

  • Cultivate a customer-centric risk culture that champions solutions that will grow a proactive, efficient, sustainable and effective risk management program for Grab Commercial & Support

User Access Management

  • Be the subject matter expert on user access control for Grab’s application systems used by Grab Commercial & Support, in alignment with Grab’s policies and User Access Management Framework
  • Project lead or participate in new product feature rollout initiatives of Grab’s application systems, take a hands-on approach and partner with stakeholders to perform user acceptance tests, implement and adopt procedures and access controls in accordance with Grab’s policies

Compliance Audit and Security Awareness

  • Design, implement and maintain the Grab Commercial & Support policies in alignment with Grab’s policies and standards

  • Provide guidance on compliance requirements such as user access control for Grab’s application systems used by Grab Commercial & Support and physical security of operations in alignment with Grab’s policies and standards

  • Partner with enterprise and country teams to perform and complete compliance audits, risk assessments, quality assurance reviews, control mitigation, track and report on operating effectiveness of the internal controls implemented for Grab Commercial & Support

  • Prepare audit reports and provide recommendations to enhance compliance and risk management efforts

  • Provide cost effective recommendations to mitigate business risks and strengthen internal controls

  • Collaborate with internal parties and vendors to address Internal Audit / Cybersecurity / Compliance / Sarbanes-Oxley (SOX) issues, develop mitigation plans, follow up actions and remediation timelines up to closure

  • Assist with the development of interactive security awareness content, design and creation of graphics and article writing on governance related topics for the community.

  • Foster a culture of compliance by promoting awareness and understanding of Governance Risk & Compliance principles across Grab Commercial & Support


  • At least 7 years of relevant work experience conducting project management for IT Security, Risk Management and Compliance in an end-user environment, Degree in Computer Science or technology-related field

  • Solid knowledge of risk and control concepts related to business and information technology processes

  • Professional certification such as PMP/CISSP/CISM/CISA/CRISC/ISO 27001 is desired

  • An advocate of effective documentation to promote consistency in processes, continuous reinforcement and iteration for process improvement

  • Excellent project management, slide content creation, and board presentation skills

  • Excellent presentation and communication skills, both written and verbal, to effectively articulate risks, mitigation proposals and positively influence key business partners and/or stakeholders, preferably with exposure in engagement across Southeast Asia region

  • Excellent business acumen, customer-centric, team and results-oriented. Able to take a broad, strategic perspective and deep dive to understand business needs and challenges and translating that into functional requirements needed

  • Be motivated by innovation to achieve tangible business outcomes

  • Strong team player with strong organization and stakeholder management skills and the ability to take ownership and deliver independently

  • Strong analytical, structured process-thinking, and problem-solving skills

  • Possess initiative, drive and excellent attention to detail

  • Able to work under pressure with tight deadlines and/or multiple projects in a fast paced environment and at the same time come up with effective recommendations to facilitate decision making

  • Willingness to travel across Grab’s markets in SEA, where necessary