Calling out all Indonesian Security Governance Analyst!
Location: Batam
About the role: This role is responsible for strengthening AIAS local technology governance and control environment through oversight of IT deviation management, technology issue tracking, and governance document management. It manages the end-to-end lifecycle of IT deviations and technology issues within the GRC platform to ensure timely remediation, appropriate risk assessment and compliance with governance requirements. The role also supports technology-related due diligence activities and ensures local Technology Governance documents remain current, fit-for-purpose and aligned with Group standards, contributing to a robust and well-controlled technology risk framework.
Requirements:
- 3–5 years of relevant experience in IT governance, technology risk management, IT audit, cybersecurity, or GRC-related roles, preferably within financial services, insurance, or consulting/audit firms supporting regulated institutions.
- Hands-on experience with IT deviation management, issue tracking, or control remediation using GRC platforms.
- Working knowledge of technology governance frameworks, policies and standards, including document lifecycle management.
- Experience supporting audit, regulatory reviews, or due diligence activities, including preparation of evidence and management reporting.
- Exposure to Group vs local governance models and operating within a multi-entity or regional structure is an advantage.
Certifications (Desirable): Relevant professional certifications such as CISA, CISM, CRISC, CISSP, or equivalent qualifications are preferred.
Roles and Responsibilities:
- Facilitate the end-to-end IT deviation management process and oversee the tracking and monitoring of technology issues within the GRC platform.
- Manage the full lifecycle of IT deviation requests, including submission, review, approval, monitoring of validity periods, and timely closure or renewal.
- Coordinate with requestors, risk reviewers and approvers to validate justifications, assess risks, and ensure alignment with Technology Governance requirements.
- Monitor all technology-related issues (e.g. audit findings, control gaps, risk issues) logged in the GRC platform, ensuring remediation actions are completed on time and closed with adequate justification and supporting evidence.
- Track issue and deviation statuses, follow up on overdue items, and maintain accurate records to support audit, regulatory and management reporting.
- Provide management insights and trend analysis on deviations and technology issues to support continuous improvement of governance and control effectiveness.
- Support technology-related due diligence and assurance activities with business partners, including preparation of evidence and coordination of responses or reviews.
- Own the end-to-end management of local Technology Governance documents, including publication, review, maintenance and archival.
- Maintain a centralized governance document register and monitor review cycles, ownership and approval status.
- Ensure governance documents are fit for purpose, aligned with Group requirements and applicable to the local business unit, and follow up with document owners on due and overdue reviews.
- Support audit, regulatory and management reporting, and drive continuous improvement of governance document management processes.
Other responsibilities:
- Support team initiatives and participate in ad-hoc projects to enhance technology governance, risk management and control assurance.
- Contribute to process improvements and documentation updates to strengthen operational efficiency.
- Assist in the preparation of management reports, dashboards and presentations as required.
- Provide administrative and coordination support for audits, reviews and governance committees.
