Information Security Risk and Compliance Adviser, Asia

FCM is one of the world’s largest travel management companies and a trusted partner for nationals and multinational companies. With a 24/7 reach in 97 countries, FCM’s flexible technology anticipates and solves client needs, supported by experts who provide in-depth local knowledge and duty of care as part of the ultimate personalised business travel experience. As part of the ASX-listed Flight Centre Travel Group, FCM delivers the best market-wide rates, unique added-value benefits, and exclusive solutions. A leader in the travel tech space, FCM has proprietary client solutions. FCM provides specialist services via FCM Consulting and FCM Meetings & Events.

FCM Asia is an Equal Opportunity Employer searching for talented, driven people who have a desire to build a rewarding career in a company that loves to celebrate your success! We work in a team work environment where we maintain a favourable working relationship with co-workers in all departments to foster a culture of trust and mutual respect.

By joining the team, you'll discover first hand why we're recognised around the world as an outstanding employer.  In addition, our company founder strongly believes the success of our business relies on the success of our people.

Security Risk Management

• →Assist the Information Security Risk and Compliance Manager, CPO Asia, Risk and Business Leadership to identify information security risk exposures and manage them within risk appetite
• →Implement and maintain an information security risk register to record, track and manage information security risk for the region
• →Monitor new threats as they evolve and recommend adjustments to risk management plans and security controls as necessary

Security Compliance Management

• →Lead the implementation and maintenance of the Information Security Management System (ISO 27001) within Asia
• →Facilitate and provide secretarial support (agenda, meeting pack, and minutes) for the quarterly Information Security Management Forums (ISMF)
• →Collaborate with internal stakeholders to collate assurance documentation and evidence to support audit activity
• →Perform internal and coordinate external audit and security testing programs to maintain compliance with Corporate security standards, certifications and regulatory requirements

Client Information Security Support

• →Assist with the assessment of third-party security risk for suppliers with whom FCTG has a requirement to share information or business processes
• →Assist Sales and Account Management teams to respond to customer security questions
• →Feed customer requirements into ongoing assurance activities to ensure new compliance risks are known, owned, and managed

Behavioural Competencies

• Ability to influence without necessarily having direct control
• Actively listens and fosters open communication
• Builds trust and sustains collaborative, productive relationships
• Presents technically complex ideas & concepts logically and clearly
• Excellent written and spoken communication in English
• Plans and prioritises own work as well as guides others to ensure all goals are met
• Ability to work independently and use own initiative

Job Competencies

• Plans projects and activities well in advance and takes account of changed circumstances
• Monitors performance against deadlines and milestones
• Breaks information into component parts, patterns and relationships
• Probes for further information or greater understanding of a problem
• Makes rational judgments from the available information and analysis

Experience

• 3+ years of experience in information security, governance, risk and compliance (GRC), or a technical security operations role
• In-depth knowledge of Security frameworks such as ISO27001/2, PCI DSS, NIST, SOC 2, etc
• Working knowledge of Risk Frameworks such as ISO 31000
• Demonstrated ability in implementing and maintaining an Information Security Management System (ISMS) for ISO 27001

Desirable Qualifications

• ISO 27001 Internal Auditor or Lead Implementor
• CISSP, CISM, or equivalent certification desirable but not mandatory

Applications close: 22 May 2026 India Standard Time

Back to search results Apply now Refer a friend