Senior Executive, Internal Audit

Aspire Lifestyles is a leading global provider of Concierge and Loyalty services, catering to clients in banking, payments, insurance, luxury retail, automobile, and luxury property sectors. As a pioneer in the Concierge industry, we focus on delivering exceptional services, including employee concierge, wellness programs, and digital offerings. Our commitment to innovation, excellence, and social responsibility ensures we create memorable experiences and provide outstanding service for our clients. For more information, visit

Position Summary

Executes internal compliance program as per the overall strategic information security plan of Aspire Lifestyles in accordance with customer requirements, certifications requirements, and cyber security requirements. A key element of this role is to work with internal stakeholders in business lines and support function.

Key Responsibilities

• Serve as 2nd line of defense (2LOD), performing continuous assessment of IT security practices and policies to improve the security posture of the company
• Conduct regular risk assessments to identify potential vulnerabilities in systems and processes and develop/implement strategies to mitigate identified risks.
• Produce regular reporting on compliance evidence status.
• Identify compliance gaps and plan the implementation of new controls.
• Work closely with application and infrastructure architects and ensure the applications and infrastructure is designed and transitioned to operations based on various business and technology needs.
• Work closely with information technology team to ensure that infrastructure is designed and built with required security controls. Advise on infrastructure security best practices such as server hardening, patch management, secure operating environment.
• Educate employees by planning the webinars, emailers and group talks on audits and certifications to promote the culture of information security and compliance.
• Plan, present and follow-up on compliance programs in all security forums such as security steering committee, data protection committee, information security management committee.
• Collect and maintain applicable IT Security Regulations for all relevant geographies.
• Provide expert opinion on information security policies to ensure that these are updated based upon the new security trends, customer needs, incident trend and legal or regulatory requirement.
• Demonstrate expertise in managing third party security assessment across the organization.
• Support the Manager of Audits, Certifications and Attestations in executing internal compliance program.

Required Competencies & Work Experience

• Degree in business administration or a technology-related field required.
• Professional security certifications such as CISA, CISSP, ISO/IEC 27001 Lead Auditor.
• Experience with either PCI DSS, ISO 27001 or SOC2 certification required.
• Minimum of 3 to 7 years of experience in a combination information security compliance and audits.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
• Excellent written and verbal communication skills and high level of personal integrity
• International business travel is required as per the business needs and priorities

We take care of our employees:

• Highly engaged and empowered work culture
• Continuous learning & development with excellent MNC and global exposure
• Attractive Remuneration Package: Group Medical and Insurance Benefits, Lifestyles Flexi Benefits, Performance Bonus, etc.
• Festive celebration and birthday token
• Office location is accessible via public transport