IT GRC
Who we are
We are Honest – a company committed to building financial products that people truly love. Our products are designed to be fair, simple, and genuinely useful in everyday life. Our diverse team brings together people from different backgrounds who share the same goal: to create meaningful solutions that make finance better. After successfully launching our first product, we're now in an exciting growth stage, learning fast, moving quickly, and building together as a team.
About the role
You will own the execution of user engagement and re-engagement campaigns across owned channels, working closely with marketing and product managers. You'll be the hands-on operator behind our MoEngage setup, running campaigns that activate new users, recover dormant ones, and reduce attrition. If you love being in the weeds of campaign execution, obsess over messaging that converts, and know your way around tools like MoEngage and WhatsApp Business, we'd love to meet you.
(Focus areas: portfolio actions on activation, average spend per account, dormant account management, attrition management and reactivation)
How you will make an impact
Audit and Regulatory Compliance PIC: You’ll lead the charge for annual audits ranging from PCI-DSS, ISO 27001, along with generic and regulator specific audits.
You’ll draft and maintain IT policies and procedures and ensure they are aligned with ISO 27001 and the latest local regulations while remaining readable by the general people.
Data-Driven Insights: Produce monthly cybersecurity Key Risk Indicators (KRI). Work with various stakeholders to tell the story of our cyber risk posture.
Human Firewall: Own our security culture by managing and conducting annual cybersecurity training and run phishing campaigns.
Risk Navigation: Identify IT risks before they become problems and help stakeholders how to mitigate.
IT Governance: Enforce IT governance by coordinating with stakeholders to follow the proper processes such as conducting lesson-learned for incidents or annual user access review.
Third-Party Trust: Review our vendor and partners to ensure their security standards match our own.
What you need to have
Framework knowledge: You know and understand ISO, NIST, PCI-DSS.
Audit experience: Proven experience thriving in high-stakes audits like regulatory audits, PCI-DSS or ISO 27001.
Attention to detail to notice the small stuff that others miss during risk assessments.
Communication skills: You need to to translate compliance or technical terms into plain English.
English to collaborate with diverse multi-national teams.
What makes you stand out
Fintech or credit product experience 💳
Deep MoEngage platform knowledge
Experience with app-based growth or lifecycle marketing
Indonesian language skills 🇮🇩
Our application process
Hiring is something we do with care. Here's what to expect after submitting your resume:
The hiring team reviews your application
Initial call with the hiring team
Onsite interviews with relevant team members
Offer
Why you'll love it here
🏦 Everyone gets ESOP — we're all owners here
📚 Training course and book subsidies
You'll work with some of the sharpest people in the industry
🏙 Modern office in the heart of Bangkok
🏥 Top-of-the-line medical healthcare plan
💆 Monthly wellness allowance
🌏 One of the best-funded startups in Southeast Asia, backed by Silicon Valley investors
No titles or hierarchy — we value contribution and celebrate wins together
At Honest, we are committed to equal employment opportunities regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, or other class protected by applicable law. We are proud to be an equal opportunity workplace.