Security Audit Manager

About the Team You Will Join The Security Division at Toss Bank consists of several teams: Security Policy Team, Privacy Protection Team, System Security Team, Network Security Team, Security Red Team, Security Blue Team, IT Service Team, and Security Audit Team. The Security Audit Manager will be responsible for conducting regular and ad-hoc audits as well …

About the Internal Audit Team at Toss Bank The Internal Audit Team at Toss Bank works to protect both customers and colleagues from a range of internal and external risks. The group includes professionals with more than 10 years of auditing experience, bringing varied backgrounds and a focus on practical, efficient audit strategies. Audits cover multiple domains and are carried out in partnership with other teams according to the annual audit plan. Insights from these audits drive real improvements, not just reports, thanks to strong teamwork and a commitment to actionable results. What You Will Do Create and execute a long-term IT audit strategy, ensuring systematic audit operations. Lead thematic and special audits to address IT and security concerns. Manage financial incident reporting and investigations, and coordinate responses to regulatory bodies. Who We’re Looking For Background in internal audit, compliance, or information security (including data protection) is required. Solid understanding of IT and information security regulations, with experience in compliance checks. Hands-on knowledge of information security controls such as network architecture, access control, account management, and log management is preferred. Experience with policy management and tools for hacking prevention, data breach prevention, and monitoring is a plus. Familiarity with incident investigations involving IT failures, breaches, or data leaks is valued. Experience with continuous monitoring tasks (such as FDS or rule-based data leak detection) is desirable. Resume Tips Describe specific examples of managing risks and driving improvements through internal audit or similar roles. Share how you addressed resistance from operational departments to internal control changes, and how you overcame these situations. Mention IT and security-related responsibilities beyond internal audit or IT controls, if applicable. If you’ve worked with regulatory bodies like the Financial Supervisory Service, detail your contributions during inspections. Application Process Submit application Job interview Cultural fit interview Reference check Salary negotiation Final acceptance and onboarding

We are seeking an experienced and dynamic Audit Operations Manager to join our team. In this pivotal role, you will oversee and enhance our audit processes, ensuring compliance and operational excellence. You will play a crucial part in fostering a culture of accountability and continuous improvement within our organization.As the Audit Operations Manager, you will be responsible for developing audit strategies, leading audit teams, and working closely with various departments to ensure best practices are implemented. Your analytical skills will help identify risks and opportunities, while your leadership will guide your team towards achieving our organizational goals.

# Join Our Team The IT Audit Manager at Toss Bank will be part of the internal IT audit team. This team collaborates closely with departments related to platform, infrastructure, security, and compliance to ensure adherence to IT regulations. # Responsibilities Evaluate and improve internal control procedures to comply with the Electronic Financial Transactions Act and Electronic Financial Supervision Regulations. Prepare and respond to documentation related to IT internal controls as required by regulatory and certification bodies. Identify deficiencies through internal audits and propose improvement directions. Establish annual audit plans and perform regular and ad-hoc IT audit activities. # Ideal Candidate Must possess comprehensive knowledge of IT and a strong understanding of the development environment. Experience in conducting self-checks or audits is essential. Experience with program controls and computerized ledger controls in accordance with electronic financial supervision regulations is required. Experience with responses to regulatory inspections is necessary. Experience in similar roles within financial institutions is preferred. # Resume Tips Include experiences where you identified deficiencies and suggested improvements through self-checks or audits. Detail your experiences with comprehensive inspections by regulatory bodies, IT audits by accounting firms, and responses to external certification audits. # Joining the Toss Bank Journey Application submission > Job interview > Cultural fit interview > Reference check > Salary negotiation > Final selection # Important Notes Any false information found in resumes or documents, or disciplinary issues in work history may lead to cancellation of employment. Applicants who fall under the disqualification criteria as per Toss Bank’s employment regulations may have their applications revoked. Individuals with disabilities or national veterans are given preference in accordance with relevant laws. # A Message for Future Colleagues “Our goal is to establish a new standard for IT internal controls that is distinct from the rigid frameworks of traditional financial institutions.” The IT internal controls at Toss Bank are developed by asking fundamental questions: ‘Why do we do this? What are we trying to protect?’ We aim to distinguish between what is essential to follow and what is beneficial to implement, creating internal controls that allow IT organizations to operate efficiently. We foster a flexible work environment with no unnecessary reporting, enabling swift decision-making, and allowing for flexible working hours and remote work to enhance focus and productivity. If you are excited about establishing new IT internal controls in a dynamic environment, we welcome you!”

About the Team You'll Join The IT Governance, Risk Management, and Compliance (GRC) team at Toss Securities is dedicated to establishing standards for IT operations and identifying internal risks to foster improvements. The IT Audit Manager within the IT GRC team will gain comprehensive knowledge in both IT technologies and securities operations, leveraging expertise to identify and mitigate risks. Join a collaborative team where diverse experiences converge to solve challenges and foster growth. We welcome applications from individuals eager to tackle new tasks and engage in problem-solving processes. Your Responsibilities Create and implement annual audit plans, conducting regular and ad-hoc IT audits. Manage internal and external reporting when IT incidents occur. Respond to audits conducted by external auditors concerning IT internal control systems. Provide support for examinations by regulatory bodies such as the Financial Supervisory Service. Develop and operate IT internal control policies that promote innovation while ensuring compliance with electronic financial transaction laws and regulations. We Are Looking For Individuals with a minimum of 5 years of experience in IT and auditing roles. Proficiency in understanding and interpreting domestic and international regulations, including electronic financial supervision regulations. Strong communication and collaboration skills across diverse organizations. Ability to draft audit reports and related documentation clearly and effectively. Preferred Qualifications Experience in audit roles and examinations by external entities is advantageous. Possession of audit-related certifications such as CISA, CISSP, or CIA, as well as IT-related certifications, is a plus. Experience in internal control departments of financial institutions (audit teams, IT audit teams, compliance teams, etc.) is preferred. Background in IT planning, development, operations, and project participation is desirable. Resume Tips If you have concrete examples of how you have identified and mitigated risks through internal audits or similar roles, please include them. Detail any challenges you faced in implementing internal control improvements or new operational procedures, and how you overcame them. Include any IT-related roles you have held outside of internal audits or internal controls. If you have experience with regulatory examinations (e.g., from the Financial Supervisory Service), please describe your role and contributions. The Journey to Joining Toss Securities Application submission > Job interview > Cultural fit interview > Reference check > Compensation discussion > Final acceptance and onboarding. Please Note Any discovered discrepancies in resumes or disciplinary actions in employment history may result in cancellation of employment offers. Hiring may be canceled for candidates disqualified under Toss Securities' internal regulations. A Note for Future Colleagues“Let’s build an IT audit framework unique to Toss Securities together.”At Toss Securities, the IT audit role offers a remarkable opportunity to enhance and expand traditional control techniques and processes in a dynamic environment. We encourage those seeking new experiences and growth to apply!

Join Our Team The Security Audit Manager at Toss Securities will be part of the Security Division, working within the dedicated Security Audit Team. This team is responsible for conducting independent internal audits across the entire information security management system, IT infrastructure, and data management frameworks. Collaboration with various teams is essential to create reliable financial services, covering areas including security, infrastructure, platforms, and products. The Security Audit Team consists of specialists focusing on Information Security Management Systems and Data Management, supporting the decisions of the CISO and CPO. Key Responsibilities Develop annual audit plans based on information security policies and relevant regulations, auditing the security management status of IT infrastructure and information security systems comprehensively. Evaluate the adequacy and compliance of critical information security areas, including access control, security policy implementation, and encryption management. Inspect compliance with security requirements in modern IT environments, such as cloud computing and open-source software, including vulnerability management practices. Assess the appropriateness of IT disaster recovery and security incident response processes, identifying areas for improvement. Objectively analyze audit results, drafting reports and proposing actionable improvement strategies for identified issues. Ideal Candidate Profile Proven experience in information security audits or consulting, with demonstrated leadership skills in evaluating and enhancing information security management systems. Expertise in IT infrastructure and security systems (firewalls, IPS/IDS, WAF, etc.), along with experience in vulnerability analysis and assessment. Deep understanding of information security management system certification standards (ISMS-P, ISO 27001, etc.) and relevant regulations for conducting audits. Proficiency in security auditing within modern technology environments, including MSA, Kubernetes, and Cloud. Excellent communication skills to facilitate effective collaboration across diverse teams. Resume Tips Highlight your experience in information security management system audits or internal controls, including specific examples relevant to the role. Include experiences of improving IT environments or information security activities through audit responses and self-assessments. Detail instances where you identified vulnerabilities and made recommendations that enhanced the organization's security posture. If you have security audit experience in cloud environments or emerging technologies, please emphasize that as well as any complex problem-solving experiences with various teams. Application Process with Toss Securities Submit Application > Job Interview > Cultural Fit Interview > Reference Check > Salary Negotiation > Final Offer and Onboarding Important Notes Any discrepancies found in the resume or reports of disciplinary actions during employment may lead to cancellation of the hiring process. Individuals disqualified from hiring according to Toss Securities regulations will not be considered. Persons with disabilities and national veterans are given preference in accordance with relevant laws.

# Join Our Team- As a Security Audit Manager at Toss Securities, you will play a pivotal role within our Security Audit Team in the Security Division.- The Security Audit Team is responsible for conducting independent internal audits across the entirety of our information security management system, IT infrastructure, information security systems, and overall data management frameworks.- Collaboration with various teams is essential to create reliable financial services, encompassing diverse areas such as security, infrastructure, platforms, and products.- The Security Audit Team consists of specialists focusing on [Information Security Management] and [Data Protection and Management], providing in-depth audits and supporting the decision-making processes of the CISO (CPO, CIAP).# Responsibilities- Develop audit plans based on relevant regulations, including the Personal Information Protection Act and the Credit Information Act, and conduct comprehensive audits of personal data processing systems and customer data management.- Evaluate compliance and safety measures throughout the entire lifecycle of personal data processing, including collection, usage, provision, and disposal.- Assess the security management status and regulatory compliance in the latest personal data processing environments, such as pseudonymized information and AI-based services.- Evaluate the adequacy of data breach prevention and response systems while identifying areas for improvement.- Objectively analyze audit results and prepare reports, offering specific recommendations for enhancing the level of personal data protection.# We Are Looking For- Candidates with experience in establishing and managing personal data protection systems, and who have addressed various personal data issues in services.- A deep understanding and practical application of relevant laws, including the Personal Information Protection Act, the Credit Information Act, and the Act on Promotion of Information and Communications Network Utilization.- Specialized knowledge in data lifecycle management and methodologies for Personal Data Impact Assessments (PIA).- Audit capabilities related to new personal data processing environments, including pseudonymized information and AI-based services.- Excellent communication skills for effective collaboration with diverse teams.# How to Apply- Please share specific examples of your experience in personal data protection and data management audits.- Include your achievements in improving personal data processing environments or data management activities through audit responses and self-assessments.- Detail your experience in interpreting and applying personal data protection regulations.- Highlight your audit experience in new personal data processing environments, such as AI technology, MyData, and pseudonymized information.- If you have experience collaborating with various teams to resolve complex issues, be sure to showcase that.

Join QIMA as an Ethical Auditor and play a pivotal role in ensuring compliance with ethical standards and practices across various industries. You will be responsible for conducting comprehensive audits, analyzing processes, and providing actionable insights to enhance operational integrity. This is a unique opportunity to influence ethical practices in a global company.

This role is available for candidates currently residing in Korea with proficiency in Korean suitable for a business environment.Join Us in the Fight Against Cancer with AI!Lunit, short for "Learning Unit", is an innovative healthcare AI company dedicated to developing cutting-edge AI solutions for cancer diagnosis and treatment. Our mission is to harness the power of AI to enable more accurate cancer diagnoses and predict treatment outcomes, paving the way for rapid and personalized patient care. Key ResponsibilitiesAudit Planning: Establish and implement risk-based audit plans across Lunit’s corporate entities, incorporating regulatory requirements and organizational issues into the audit processes. Provide key audit strategies and insights to enhance audit quality.Stakeholder Management: Support and operate the Audit Committee, foster collaborative relationships with key leaders, propose solutions, and lead collaboration with internal audit teams and external stakeholders.Regulatory Compliance: Manage relationships with regulatory authorities in Korea, conduct reviews of regulatory issues, and support compliance through collaboration with external auditors.Leadership: Cultivate an effective, trust-based internal audit team, manage resources for audit strategy execution, and offer opportunities for global and domestic talent development.Requirements QualificationsOver 7 years of audit experience, including a minimum of 3 years in internal auditing.Fluency in English, with strong communication skills.Deep understanding of the healthcare industry and a keen interest in diagnostic medicine and artificial intelligence.Exceptional verbal and written communication skills.Proven ability to collaborate with diverse stakeholders and influence outcomes.Strong problem-solving skills.A passion for embracing change, managing uncertainty, and demonstrating innovative thinking. Preferred QualificationsPossession of relevant professional certifications such as CPA, ACA, CFA, CIA, or CISA.Experience with Korean regulatory environments and practical knowledge.In-depth understanding of regulatory frameworks.Hands-on knowledge of risk and control analysis, audit concepts, governance, and risk management frameworks.Experience working in a startup or venture company with a horizontal organizational culture. Application DocumentsResume in a free format.‍ Selection ProcessDocument Screening → Competency-based Interview → Culture-fit Interview → OnboardingReference checks may be conducted after the final interview if necessary. Work Conditions and EnvironmentEmployment Type: ContractWork Location: Lunit Headquarters (5th Floor, Case Square Gangnam 2, 374 Gangnam-daero)Salary: To be determined after the interview. Additional InformationFalse information in application documents may lead to cancellation of employment, even post-confirmation.Priority will be given to protected employment groups such as national merit veterans and persons with disabilities as per relevant laws.This job posting is for ongoing recruitment and may close early.Benefits Perks and BenefitsNew office located just a minute's walk from Gangnam Station Exit 3 (flat terrain).Meal support of 12,000 KRW for lunch and dinner, along with unlimited snacks while at the office.Support for attending conferences, job training, and purchasing books.Regular internal AI and medical seminars.Support for taking English language programs with native speakers.Access to high-quality AI learning data and deep learning DevOps systems.Annual welfare points worth 1.2 million KRW available for personal use.Support for holiday gifts and various ceremonial expenses.Comprehensive health check-ups and employee accident insurance support.

Join our dynamic team at SGS as an RBS Auditor (APSCA / CSCA) in Seoul. In this pivotal role, you will assess and ensure compliance with industry standards, conducting thorough audits and contributing to quality improvement initiatives. You will collaborate with various stakeholders, leveraging your expertise to drive operational excellence and uphold our commitment to safety and quality across all services.

Join QIMA as a MA Auditor and be part of a dynamic team dedicated to ensuring quality and compliance across various sectors. In this pivotal role, you will conduct audits, analyze data, and provide insights that help businesses improve their standards. Your expertise will contribute to our mission of delivering exceptional auditing services globally.

About Toss Insurance Toss Insurance aims to make insurance accessible and appealing, especially for those new to the industry. In just four years, the company surpassed 200 billion KRW in revenue and achieved its first operating profit in 2024. Growth continues at a strong pace. The Customer Net Promoter Score (NPS) is 90.5, well above the industry average, reflecting a deep focus on customer satisfaction and service quality. Role Overview: Finance Manager The Finance Team plays a central role in Toss Insurance’s expansion. This group manages accounting, internal and external audits, tax compliance, SOX compliance, disclosures, and cash flow. Beyond closing the books, the team provides insights that highlight the company’s financial health and growth trajectory. What You Will Do Lead improvements to financial reporting systems to support rapid business growth Enhance the accuracy and timeliness of financial statements Strengthen processes for external audit and disclosure responses Work closely with a team that values continuous improvement and enjoys finding better ways to operate Location This position is based in Seoul.

Join QIMA as a part-time MA Auditor and play a crucial role in ensuring compliance and efficiency in our auditing processes. As a key member of our Audit Services team, you will be responsible for conducting thorough audits, analyzing data, and providing insightful recommendations to enhance operational effectiveness.