Develop and maintain IT policies, standards, and procedures according to applicable internal and external requirements, including the applicable regulations in Indonesia
Coordinate with compliance to ensure that every initiative, development, and collaboration complies with standards (internal and external)
Conduct a routine evaluation of policies and procedures implementation and ensure best practice risk mitigation and assessment functions are maintained to comply with the company's strategy
Act as a liaison officer between IT users and external / internal auditors to meet their requirements and supply any advisory and sufficient data
Implement a good governance organization using the ISO 27001 framework or others
Maintain key risk indicator (KRI) and risk control assessment (RCSA) related to IT with the relevant department in order to assess the effectiveness of any control and identify new risks
Requirements
Demonstrate good communication and writing skills
Proficient in written and verbal English
Experience in creating and maintaining IT and/or information security policies and procedures
Prior experience in implementing ISO 27001, ITIL, COBIT, and/or PCI-DSS standards
Familiarity with local and regional regulatory requirements and how they impact IT policies (prior experience will be an advantage)