IT Governance Strategist

Company Description

Indodana Fintech is an OJK-licensed financial technology company that operates a credit marketplace for peer-to-peer loans. Our mission is to achieve financial inclusion by enabling lenders to provide loans to the 100 million underbanked Indonesians. Leveraging sophisticated big data and artificial intelligence technologies, we connect hundreds of lenders with creditworthy borrowers every day.

Our team hailed from Silicon Valley Tech companies such as Google, Microsoft, LinkedIn and Sofi as well as Indonesian startups such as Doku, Touchten. We have graduates from well known universities such as Universitas Indonesia, ITB, Stanford, University of Washington, Cornell and many others. We are building a company with the same culture of openness, transparency, drive and meritocracy as Silicon Valley companies. Join us in our cause to build a world class fintech company in Indonesia.

• Make recommendations to senior management to create IT GRC policies that would improve internal control and security posture of the company while satisfying the consideration of all stakeholders including: business users, HR, compliance, legal, and others.
• Become the main PIC to drive change management and implementation for IT GRC policies.
• Become the main PIC for communicating things related to IT Security, Risk, Governance and Compliance for both internal and external stakeholders.
• Work closely with senior management personnel across the organization to understand the organization’s contexts, strategy and governance needs to adapt policies accordingly.
• Liaise with stakeholders to design effective governance policies for company operations and regulatory compliance.
• Work with the security, data, compliance, and legal teams to redefine the requirements of our systems’ implementation and processes.
• Oversee the implementation of the governance policies across the organization.
• Contribute to the improvements of the company’s security policies and processes.

• Bachelor's degree in computer science or related fields, or equivalent work experience.
• Good logical & problem solving skills.
• Excellent verbal/written communication & organizational skills.
• Leadership and negotiation skills.
• Deep experience in implementing cybersecurity standards such as ISO 27001, PCI-DSS, and SOC2.
• Deep experience in implementing cybersecurity rules as directed by regulators like personal data protection, financial regulations from OJK, etc.
• Deep experience and practical knowledge on how the industry implements cybersecurity frameworks.
• Extensive experience (10 years or more) in cybersecurity and IT governance industry is preferred.
• Advanced degree or cybersecurity certification (CISSP, CISA) is a plus.
• Data Protection Officer certification is a plus.
• Experience in the financing industry is a plus.