Staff, Security Governance Specialist – Internal Control Assurance

Coupang is seeking an experienced professional with a strong background in security risk assurance and audit to join the Security Governance team. The role is ideal for a candidate committed to building a resilient information security posture through comprehensive monitoring and assessment of Coupang’s Cyber security related internal process controls. We are looking for a proactive team player who is detail-oriented, capable of high-level strategic thinking, able to collaborate effectively across cross-functional partners at Coupang and its subsidiaries. The successful candidate will have proactive problem-solving abilities, strong analytical skills, excellent stakeholder engagement, a process-oriented mindset, and a drive to adapt quickly in a fast-paced environment.

Key Responsibilities:

· Lead InfoSec Internal control designing and monitoring activities to evaluate and enhance Coupang’s information security posture across its operations and subsidiaries.

· Manage (Develop, implement and update) security assurance processes, identify improvement areas, and provide actionable recommendations.

· Collaborate with cross-functional teams and external stakeholders on InfoSec Internal controls standards and assurance initiatives.

· Act as a subject matter expert, providing insights on process internal control monitoring and assurance.

· Develop and enhance Coupang’s information security programs, including the creation of internal controls, processes, and policies for Cyber Security assurance.

· Conduct in-depth assessments and analyses, generate detailed reports, and present findings to leadership and stakeholders across teams and regions.

· Stay informed on legislative and regulatory developments to guide assurance efforts in Internal control monitoring.

Minimum Qualifications:

· Bachelor’s degree in information security, IT, or a related field.

· 8 - 10 years of experience in information security, cyber security audit, or control monitoring (8+ years with advanced degree in a relevant field).

· Demonstrated experience in security audit and assessment, with a focus on cyber security control monitoring.

· Familiar with IT infrastructure, cloud services, and cyber security system management.

· Experience with GRC tools, ticketing systems like JIRA, and collaboration tools like SharePoint.

Preferred Qualifications:

· 5+ years of experience specifically in Cyber Security Internal control monitoring and audits in major firms.

· Strong verbal and written communication skills in both English and Korean, with the ability to convey complex information to various stakeholders.

· C-suite and board of directors reporting experience.

· Industry certifications such as CISA, CISSP, or CRISC.