A technology company in Jakarta Pusat is seeking an IT Security Governance expert to develop policies, ensure compliance with regulations such as GDPR and PCI-DSS, and manage IT audits. The ideal candidate should have a degree in Information Technology, 3-5 years of experience in Governance, Risk, and Compliance, and relevant certifications such as CISSP or equivalent. Strong communication and problem-solving skills are essential, along with a proactive approach to security incidents.
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
Relevant professional certifications (at least one required), such as:
CISSP, CISA, CISM, CEH, ISO 27001 Lead Implementer, or equivalent.
Minimum 3–5 years of experience in Governance, Risk, and Compliance (GRC).
Prior experience in the Payment Gateway or Financial Services industry is a strong plus.
Solid experience in security audits and ensuring compliance with industry standards (e.g., PCI DSS, ISO 27001, NIST) and local regulations (e.g., Bank Indonesia, OJK).
Proficient in developing and implementing IT security policies and procedures.
Capable of conducting risk assessments and preparing comprehensive security documentation.
Deep knowledge of security frameworks such as ISO 27001, NIST CSF, COBIT, or equivalent.
Ability to conduct security awareness training across different levels of the organization.
Strong communication skills, especially in presenting security findings and recommendations to non-technical stakeholders.
Collaborative mindset with the ability to work cross-functionally with IT, compliance, legal, and business teams.
Proactive problem-solver with the ability to respond quickly and effectively to security incidents.
Develop, review, and update IT policies, procedures, and standards to ensure alignment with business objectives and regulatory requirements.
Ensure the company complies with relevant regulations, including but not limited to GDPR, PCI-DSS, ISO 27001, and SOX.
Coordinate with the Legal & Compliance teams to ensure regulatory alignment.
Manage IT audits and properly follow up on audit findings.
Conduct training and awareness programs on compliance requirements and best practices for employees.
Develop and maintain IT-related disaster recovery and business continuity plans.
Maintain an up-to-date list of IT and cybersecurity risks, along with corresponding mitigation plans.
Responsible for maintaining the information security system by adhering to security policies, protecting company data, and reporting any suspicious activities that may threaten information security.