Cybersecurity Engineer, GRC
DayOne
Join DayOne – Shaping the Future of Data Infrastructure
DayOne is a global leader in the development and operation of high-performance data centers. As one of the fastest-growing companies in the industry, we’ve built a robust presence across Asia and Europe — and we’re just getting started.
As we expand into new international markets, we’re looking for talented, driven individuals to join us on this exciting journey. This is more than a job — it’s an opportunity to be a key contributor to our dynamic team and help shape the future of global data infrastructure.
If you're passionate about innovation, technology, and growth, we invite you to be part of DayOne’s next chapter.
Key Responsibilities
1. Governance and Policy Management
- Support the development, review, maintenance, and communication of information security policies, standards, procedures, and guidelines.
- Assist in ensuring governance documents remain aligned with business operations, regulatory expectations, and industry frameworks.
- Track policy review cycles, approvals, version control, and publication status.
- Coordinate with control owners and stakeholders to ensure policies and procedures are understood and implemented.
2. Risk Management
- Support the maintenance of the cybersecurity risk register, including risk identification, assessment, treatment planning, and tracking of mitigation actions.
- Facilitate risk assessments for systems, projects, third parties, and operational changes.
- Follow up with risk owners on control gaps, remediation progress, and overdue actions.
- Prepare risk summaries, dashboards, and reports for management review.
3. Compliance and Certification Support
- Support activities related to compliance with internal requirements, customer obligations, and external frameworks such as ISO 27001, ISO 27701, SOC 2, PCI DSS, and applicable regulations.
- Assist in the preparation, collection, and organisation of evidence for audits, assessments, certifications, and customer assurance requests.
- Track audit findings, non-conformities, management actions, and remediation closure.
- Help maintain control matrices, compliance trackers, and mapping between frameworks where required.
4. Control Monitoring and Assurance
- Assist in monitoring the implementation and effectiveness of cybersecurity controls across people, process, and technology domains.
- Perform periodic checks on key governance and compliance activities, such as access reviews, policy attestations, risk reviews, training completion, exception tracking, and vendor compliance.
- Support internal control reviews and readiness activities for audit or certification exercises.
- Escalate control gaps, overdue actions, and compliance concerns to the relevant stakeholders.
5. Third-Party and Supplier Risk Support
- Assist with cybersecurity due diligence and risk reviews for vendors, service providers, and third parties.
- Review supplier security questionnaires, compliance evidence, and contractual security requirements.
- Track third-party review status, findings, and remediation actions.
- Coordinate with procurement, legal, privacy, and business owners on third-party security governance matters.
6. Security Awareness and Coordination
- Support cybersecurity awareness, policy communication, and compliance-related training activities.
- Help coordinate periodic awareness campaigns, attestations, and targeted governance communications.
- Assist in preparing management presentations, reports, and board or committee materials where required.
- Promote a culture of accountability and compliance across the organisation.
7. Metrics, Reporting, and Documentation
- Prepare recurring governance and compliance reports, dashboards, and KPI/KRI summaries.
- Maintain accurate documentation of risk assessments, audit evidence, policy exceptions, management actions, and compliance records.
- Support the development of reporting for leadership, audit committees, and management forums.
- Ensure governance records are organised, current, and readily available for audit or review.
Key Deliverables
- Updated cybersecurity policies, standards, and procedures
- Cybersecurity risk register and risk treatment tracking
- Audit and certification evidence packs
- Compliance status dashboards and management reports
- Control monitoring and review records
- Third-party security assessment trackers
- Exception and remediation logs
- Awareness and policy attestation records
- Framework and control mapping documentation
Skills and Qualifications
- Bachelor’s degree in Cybersecurity, Information Security, Information Technology, Risk Management, Audit, or related discipline
- Minimum 2-5 years of experience in cybersecurity governance, risk, compliance, IT audit, or information security
- Good understanding of information security principles, control frameworks, and risk management concepts
- Familiarity with standards and frameworks such as ISO/IEC 27001, ISO/IEC 27701, NIST CSF, SOC 2, PCI DSS, or similar
- Experience supporting audits, compliance reviews, or certification activities
- Strong written and verbal communication skills
- Strong documentation, coordination, and stakeholder management capability
- Good analytical skills with attention to detail
- Proficiency in Microsoft Office applications, especially Excel, Word, and PowerPoint
Preferred Qualifications / Certifications
- ISO/IEC 27001 Lead Implementer, Lead Auditor, or Internal Auditor
- CISA, Security+, or similar certifications
- Familiarity with privacy, risk, and control frameworks
- Experience in data centre, cloud, managed services, or critical infrastructure environments is an advantage
Competencies
- Strong sense of ownership and accountability
- Organised and methodical working style
- Ability to manage multiple tasks and deadlines
- Good judgment in handling governance and compliance matters
- Ability to engage effectively with technical teams, business users, auditors, and management
- Practical approach to balancing security requirements with business realities
DayOne is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
If you're ready to grow with one of the fastest-moving companies in the data center industry, apply now and be part of our global journey.