携程ONSITE-差旅顾问（上海）(MJ025660)

1. Plan and execute various platform level promotions: include big promotion such as Black Friday or seasonal rebajas, to drive platform level uplift and make the sales reach to new height, and several monthly campaigns which serve different objectives: increase seasonal sub-categories, boost re-purchase rate, assist incubation, drive top brands or top assortment 2. Think from both seller and buyer points of view. 3. Leverage analytical data to point out the critical factors or measurable metrics to enhance promotion performance, improve SOP or raise new promotional initiatives. 4. Work with Product and User Experience Design team to identify improvement areas that can largely improve business results and better user experience.

L1 SOC monitoring (24x7 shift basis) ● L1 SOC monitoring of security alerts 24x7 utilising SIEM, EDR tools, and intrusion detection systems (IDS/IPS) ● Analyse logs, network traffic, end point data or other source logs to identify suspicious activity or indicators of compromise (IoCs). ● Triage and prioritize alerts based on severity, impact, and organizational risk, and perform required escalations and mitigations Incident response ● Perform containment and mitigation actions for incidents. Escalate confirmed or high-risk incidents to L2/L3 analysts or incident response teams. ● Collate required information to complete incident documentation and report if necessary. Governance ● To support the Security GRC team during regulatory inspection, external audit, customer queries, security certificate programs, and internal audit projects to ensure compliance with regulations and customer requirements. ● Perform due diligence to assess the information security posture of our third parties ● Support in any on-site assessments of our third party / outsourced parties Vulnerability & threat intelligence: ● Stay updated on emerging threats through threat intelligence

1. Support Head of Compliance, Malaysia to establish and implement a robust compliance program to ensure compliance with all relevant laws, regulations in Malaysia and internal policies； 2. Responsible for handling submissions, regulatory enquiries, audits and maintain good working relationship with the regulatory authorities in Malaysia, including coordination for any on-site inspection, if required； 3. Lead and support applications for, and continuing maintenance of, money lending institutions (online, offline, Islamic financing), payment institutions, payment systems, e-wallet licenses and other similar Fintech-related business licenses in Malaysia； 4. Provide sound advice and recommendations to relevant stakeholders on matters pertaining to regulatory and licensing issues for the licensed money lending institutions and payment institutions in Malaysia； 5. Identify and manage regulatory risks, act as a point of escalation for any policy and regulatory breaches to senior management； 6. Help formulate, review and maintain compliance framework, policies and procedures to ensure ongoing compliance with relevant laws and regulations in Malaysia； 7. Conduct periodic internal compliance trainings and compliance risk assessments.

1. Work with each regulated entities’ compliance officers to standardize and harmonize the regulated entities’ outsourcing policies & procedures, develop and maintain an overarching outsourcing framework to manage the risks associated with its outsourced activities, including due diligence processes； 2. Act as the owner and subject matter expert of the outsourcing framework and supporting procedures, working closely with leadership teams, Legal, Compliance, Product teams, Risk Teams, Technology, etc. to ensure these outsourcing functions are meeting regulatory requirements in these licensed jurisdictions； 3. Manage internal governance (including Outsourcing Committee(s) where relevant and approval process are in place and prepare all necessary information for Management approval, at Board level, etc., as appropriate； 4. Work closely with Compliance on regulatory notifications and interactions； 5. Act as primary interface between Legal and the regulated entities in the execution of inter-company agreements, including amendments； 6. Maintain the Outsourcing Register across multiple entities in conjunction with Compliance and Management Teams； 7. Manage the internal monitoring and oversight process, including collating data, challenging service recipients, identifying improvements, tracking actions to completion and reporting to the relevant governance forums up to and included Board level of the regulated entities； 8. Engage in periodic service reviews to ensure that all contracts remain consistent with services delivered and that Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) remain within agreed tolerances； 9. Work with Compliance officers to complete regulatory submissions, as required. Assist business functions in responding to regulatory queries, on-site visit preparation and follow-on requests for information； 10. Participate as necessary in projects for the termination of any outsourced service； 11. Serve as the outsourcing SME on matters related to the outsourcing operations and framework.