IT Governance, Risk and Compliance (Senior Level)
Are you passionate about building secure, compliant, and well-governed IT environments? We are looking for an experienced IT GRC Specialist to join our team and play a critical role in strengthening our IT governance framework and risk management capabilities.
Qualifications
- Bachelor’s or Master’s degree in Computer Science, Information Technology, Business Administration, or related fields.
- Minimum 6 years of progressive experience in IT Governance, IT Risk Management, IT Audit, or IT Compliance.
- Preferred certifications (strong plus): Certified Information Systems Auditor (CISA), Certified in Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), ITIL or COBIT (especially COBIT 5 / COBIT 2019).
- Develop, implement, and continuously improve IT governance frameworks aligned with COBIT, ISO 27001, and ISO 31000.
- Perform IT risk assessments, define mitigation plans, and monitor risk postures.
- Ensure ongoing compliance with key regulations like SOX, GDPR, HIPAA, PCI DSS, and local data privacy laws (Indonesia’s PDP Law).
- Collaborate with internal/external audit teams; manage audit findings and ensure timely closure.
- Standardize IT policies, procedures, and control documents across business units.
- Support alignment of IT controls with NIST Cybersecurity Framework and other relevant standards.
- Manage or assist in implementing GRC platforms (e.g., RSA Archer, ServiceNow GRC, MetricStream, OneTrust).
- Report regularly on risk trends and compliance metrics to senior leadership or audit committees.
- Drive GRC awareness across the organization through training, workshops, and internal communication.
- Proven leadership with the ability to influence cross-functional teams.
- Excellent communication and presentation skills — able to convey complex ideas to both technical and executive stakeholders.
- Strong analytical and problem-solving skills.
- High integrity and ability to manage confidential or sensitive information.