Governance, Risk and Compliance Specialist

Overview

AvePoint is seeking a Governance, Risk and Compliance Specialist to join our APAC team in Singapore. This role focuses on leading GRC initiatives, supporting regulatory compliance across cloud solutions, and partnering with cross-functional teams to protect data, manage risk, and ensure all regulatory requirements are met.

Responsibilities

• Develop and maintain GRC programs, policies, and procedures aligned with AvePoint standards and applicable regulatory requirements.
• Conduct risk assessments, control testing, and remediation activities to strengthen the control environment.
• Monitor and support compliance with data protection laws and privacy regulations relevant to APAC markets.
• Coordinate internal and external audits, and provide evidence-based responses to audit findings.
• Collaborate with product, security, legal, and operations teams to implement effective controls and risk mitigations.
• Manage vendor risk and due diligence processes in coordination with procurement and vendor management programs.
• Communicate risk and compliance status to leadership and stakeholders through clear reporting.
• Stay informed about regulatory changes in the APAC region and adapt programs accordingly.

Requirements

• Bachelor’s degree in a relevant field; professional certifications (e.g., CISA, CIA, CISSP, CISM) are a plus.
• 3+ years of experience in governance, risk, and/or compliance roles, preferably in technology or cloud-based environments.
• Strong knowledge of data privacy laws and regulatory frameworks applicable to APAC (e.g., PDPA, local data protection regulations).
• Analytical mindset with excellent communication and cross-functional collaboration skills.
• Ability to translate complex regulatory requirements into practical controls and processes.

Benefits

• Competitive compensation and benefits
• Opportunity to shape GRC programs across the APAC region
• Collaborative, global team with a focus on professional growth