IT GRC

We are Honest – a company committed to building financial products that people truly love. Our products are designed to be fair, simple, and genuinely useful in everyday life. Our diverse team brings together people from different backgrounds who share the same goal: to create meaningful solutions that make finance better. After successfully launching our first product, we're now in an exciting growth stage, learning fast, moving quickly, and building together as a team.

You will own the execution of user engagement and re-engagement campaigns across owned channels, working closely with marketing and product managers. You'll be the hands-on operator behind our MoEngage setup, running campaigns that activate new users, recover dormant ones, and reduce attrition. If you love being in the weeds of campaign execution, obsess over messaging that converts, and know your way around tools like MoEngage and WhatsApp Business, we'd love to meet you.

(Focus areas: portfolio actions on activation, average spend per account, dormant account management, attrition management and reactivation)

• Audit and Regulatory Compliance PIC: You’ll lead the charge for annual audits ranging from PCI-DSS, ISO 27001, along with generic and regulator specific audits.

• You’ll draft and maintain IT policies and procedures and ensure they are aligned with ISO 27001 and the latest local regulations while remaining readable by the general people.

• Data-Driven Insights: Produce monthly cybersecurity Key Risk Indicators (KRI). Work with various stakeholders to tell the story of our cyber risk posture.

• Human Firewall: Own our security culture by managing and conducting annual cybersecurity training and run phishing campaigns.

• Risk Navigation: Identify IT risks before they become problems and help stakeholders how to mitigate.

• IT Governance: Enforce IT governance by coordinating with stakeholders to follow the proper processes such as conducting lesson-learned for incidents or annual user access review.

• Third-Party Trust: Review our vendor and partners to ensure their security standards match our own.

• Framework knowledge: You know and understand ISO, NIST, PCI-DSS.

• Audit experience: Proven experience thriving in high-stakes audits like regulatory audits, PCI-DSS or ISO 27001.

• Attention to detail to notice the small stuff that others miss during risk assessments.

• Communication skills: You need to to translate compliance or technical terms into plain English.

• English to collaborate with diverse multi-national teams.

• Fintech or credit product experience 💳

• Deep MoEngage platform knowledge

• Experience with app-based growth or lifecycle marketing

• Indonesian language skills 🇮🇩

Hiring is something we do with care. Here's what to expect after submitting your resume:

1. The hiring team reviews your application

2. Initial call with the hiring team

3. Onsite interviews with relevant team members

4. Offer

• 🏦 Everyone gets ESOP — we're all owners here

• 📚 Training course and book subsidies

• You'll work with some of the sharpest people in the industry

• 🏙 Modern office in the heart of Bangkok

• 🏥 Top-of-the-line medical healthcare plan

• 💆 Monthly wellness allowance

• 🌏 One of the best-funded startups in Southeast Asia, backed by Silicon Valley investors

• No titles or hierarchy — we value contribution and celebrate wins together

At Honest, we are committed to equal employment opportunities regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, or other class protected by applicable law. We are proud to be an equal opportunity workplace.