IT Governance Strategist

Indodana Fintech is an OJK-licensed financial technology company that operates a credit marketplace for peer-to-peer loans. Our mission is to achieve financial inclusion by enabling lenders to provide loans to the 100 million underbanked Indonesians. Leveraging sophisticated big data and artificial intelligence technologies, we connect hundreds of lenders with creditworthy borrowers every day. Our team hailed from Silicon Valley Tech companies such as Google, Microsoft, LinkedIn and Sofi as well as Indonesian startups such as Doku, Touchten. We have graduates from well known universities such as Universitas Indonesia, ITB, Stanford, University of Washington, Cornell and many others. We are building a company with the same culture of openness, transparency, drive and meritocracy as Silicon Valley companies. Join us in our cause to build a world class fintech company in Indonesia.

• Make recommendations to senior management (BOD, VP of Engineering, VP of Product, Head of Sales) to create IT GRC policies that would improve internal control and security posture of the company while satisfying the consideration of all stakeholders including: business users, HR, compliance, legal, and others
• Become the main PIC to drive change management and implementation for IT GRC policies.
• Become the main PIC for communicating things related to IT Security, Risk, Governance and Compliance for both internal and external stakeholders.
• Working closely with senior management personnel across the organization to understand the organization’s contexts, strategy and governance needs to adapt policies accordingly
• Liaising with stakeholders to design effective governance policies for company operations and regulatory compliance
• Working with the security, data, compliance, and legal teams to redefine the requirements of our systems’ implementation and processes
• Overseeing the implementation of the governance policies across the organization
• Contributing to the improvements of the company’s security policies and processes

• Extensive experience (10 years or more) in cybersecurity and IT governance industry
• Bachelor's degree in computer science or related fields, or equivalent work experience
• Good logical & problem solving skills
• Must have excellent verbal/written communication (especially verbal communication) & organizational skills because you will be interacting with CEO, CTO, Board of Directors, Investors, Regulators like OJK, BI, Kominfo, etc on day to day basis.
• Must have proven leadership and negotiation skills
• Deep experience in implementing cybersecurity standards such as ISO 27001, PCI-DSS, and SOC2
• Deep experience in implementing cybersecurity rules as directed by regulators like personal data protection, financial regulations from OJK, etc.
• Deep experience and practical knowledge on how the industry implements cybersecurity frameworks
• Advanced degree or cybersecurity certification (CISSP, CISA) is a plus
• Data Protection Officer certification is a plus
• Experience in the financing industry is a plus