We met with WadizInformation Security Team, which protects and manages Wadizdata and services to ensure that our 5 million members can use our platform safely!
Hello, could you please introduce yourself?
Yeon Su-kwon: Hello. I’m Yeon Su-kwon, and I serve as the CISO (Chief Information Security Officer) Wadiz. Drawing on my nearly 20 years of experience working at major game companies and online shopping platforms, I am dedicated to enhancing Wadizsecurity standards.
Personally, I have a strong interest in information security and the Information Security Management System for Personal Information (ISMS-P), as well as cloud security. Living in the age of cloud services, I’m paying close attention to how security management systems should be established and operated in cloud environments. As a leader, I’m also deeply committed to the growth and development of my team members.
*CISO: Chief Information Security Officer
Kim Chang-hyun: Hello . I’m Kim Chang-hyun , and I work in the Information Security Team, where I’m responsible for personal data protection. These days, my hobbies include collecting figurines based on movies I’ve watched and finding unique gifts for my two children. I often participate in Wadiz crowdfunding campaigns to support these hobbies!
Please tell us about your current role and team!
Yeonsu-kwon Pro: I oversee all information security operations. I establish and manage information security and personal data protection management systems to safeguard Wadizcritical information and assets. My responsibilities encompass the full spectrum of technical and administrative security tasks, including vulnerability assessments, incident response, security solution operations, the development of information security policies, and personal data protection. The Information Security Team takes the lead in addressing and resolving any other issues related to Wadizinformation security.
The Information Security Team reports directly to the CEO and is responsible for ensuring the stability of Wadiz services and business operations. Within the various fields of information security, each team member focuses on the tasks they excel at, while actively supporting others where collaboration is needed. It’s a structure where we work “separately yet together.” We prioritize an atmosphere where team members can freely concentrate on their work, and we support one another to fill in any gaps.
Kim Chang-hyun: The Information Security Team is responsible for protecting Wadizcritical information and services, as well as safeguarding our users’ personal data. Because our work involves protecting information behind the scenes, many people are curious about what we actually do. Sometimes, when people see us rushing around, they worry that a security incident might have occurred. That’s why we always try to look as calm and composed as possible 😉
I provide guidance to ensure that Wadiz employees can fully comply with privacy laws. I am also responsible for establishing and managing policies to safely protect the personal information of supporters and makers who use the Wadiz service.
How did you all come to join Wadiz?
Yeonsu-kwon Pro: I’ve worked in the information security field for over 20 years and have experience at many different companies. I’ve experienced a wide range of organizational cultures and systems, and when I visited Wadizcareer site, I discovered an organizational culture that was different from the companies I’ve worked at in the past.
At first, I wasn’t sure if it aligned with the company’s principles. But the fact that they could include such a statement as their number one principle felt refreshing. Of course, I did wonder if it was just something they put on their recruitment site 😅. Still, it was a major factor in my decision to apply Wadiz. Now that I’m here, I feel the organizational culture is a great fit for me, so I believe it was a wise choice.
Kim Chang-hyun: " I wanted to further my growth by gaining experience at a financial institution—the ultimate challenge in the field of data protection . I was also drawn to the fact that it’s located in Pangyo, a hub for various IT companies. Once I realized it was exactly what I was looking for, I applied without hesitation and joined the team."
What are the most important skills and experience required for this role?
Yeonsu-gu Pro: Naturally, in-depth knowledge and experience in the field are essential for performing information security tasks. This includes vulnerability assessments, incident response, security solution operations, the development of information security policies, and personal data protection. Furthermore, information security tasks are organically interconnected within the framework of an information security management system. Therefore, knowledge and understanding of other security-related tasks are also necessary.
It’s also a good idea to build your knowledge of the latest IT trends, technologies, and the company’s business operations. Since the IT technologies used by the company evolve rapidly, information security must adapt accordingly. I believe that information security is only truly complete when you have a clear understanding of the company’s business.
One more thing: since information security requires communication with all company employees, flexible and positive communication helps ensure that work proceeds efficiently.
Do you have any current projects or tasks, or any memorable projects (as a maker)?
Kim Chang-hyun: When I first joinedWadiz, it was a single company operating Wadiz. The project to split the company into Wadiz Wadiza merger-and-split is what stands out most in my memory. On the surface, it seemed like simply splitting one company’s business into two separate legal entities, but from an information security and personal data perspective, it was a project that required a great deal of careful consideration. We had to redesign the system to separate information assets and the member database, and we also had to revise all the guidance regarding the handling of personal information within the user journey on Wadiz and app. There were many other tasks as well that I can’t fully describe here. The major work was finally completed when we notified users that their personal information had been safely transferred following the corporate separation. It was a challenging time, but it has become a valuable asset to me.
Do you have any personal convictions or principles that you always try to uphold at work?
Yeonsu-kwon Pro: Wadizis committed to safeguarding our customers’ personal information. To this end, we take a meticulous approach from the ground up, ensuring no detail is overlooked in both our technical and administrative systems. By maintaining a solid foundation, we can minimize the likelihood of issues arising. Furthermore, we believe that even if a problem does occur, we are fully capable of addressing it and making the necessary improvements.
In that sense, the 10 ways Wadizmascot, Jin-guk, worksall seem to be principles that stick to the basics. Moving forward, as a senior team member with extensive experience, I plan to focus on “working hard to find ways to pass my responsibilities on to my team members.”
Kim Chang-hyun: Since my work primarily involves interpreting legal matters, I try to prioritize the perspectives of the supporters and makers who use Wadiz service over those of the company when making decisions. As a result, I often end up suggesting changes to service proposals unintentionally. I always feel bad about this toward the service planners and developers. Fortunately, they are very understanding of my position. I’d like to take this opportunity to thank you all!
When do you feel happiest working Wadiz?
Kim Chang-hyun: When team members gather to freely exchange ideas! In reality, many companies—especially smaller ones—have only one person in charge of security. Wadiz, we place a high priority on information security and personal data protection. As a result, we have a large team dedicated to these areas. Although our core areas of expertise differ, we share a common understanding of the broader picture, so no matter the topic, everyone freely exchanges opinions and shares their experiences.
What kind of new colleagues would you like to work with in the future?
If you have any tips for those interested in joining Wadiz, please share them!
Training Program: I want to work with colleagues who can collaborate seamlessly, constantly identify problems, and take the initiative to solve them. If you’re someone who can continuously support others to overcome individual limitations and radiate positive energy, join the Wadiz Information Security Team!
Kim Chang-hyun: Of the fiveWadiz principles, I most strongly identify with “Meeting the needs of our team members,” and I always make this my top priority in my work. Everyone has their own unique experiences, and the lessons learned from them become valuable assets. I hope to welcome colleagues who are willing to generously share these individual experiences and lessons, so that we can positively influence one another and grow together.
An honest and sincere attitude is what matters most! No one is perfect—no one knows everything. Your teammates can make up for your shortcomings, and we look forward to you filling in the gaps where your teammates may fall short.
The Information Security Team works to ensure the stable operation of Wadiz and to safeguard our customers' valuable information.
We look forward to welcoming someone who wants to help us build a secure service!
