Develop and implement a comprehensive cybersecurity strategy aligned with business objectives.
Oversee the organization's information security policies and procedures.
Manage and lead the cybersecurity team, ensuring effective implementation and monitoring of security controls.
Ensure compliance with cybersecurity and privacy regulations.
Collaborate with executive management to integrate cybersecurity practices into business operations.
Evaluate and address potential security risks related to enterprise, network, and cloud environments.
Communicate security-related concepts to stakeholders at all levels, ensuring clear understanding and compliance.
Oversee the creation and development, and review the implementation, of IT policies and procedures across all departments.
Lead the assessment of IT governance, establishing security standards, procedures, and controls to mitigate identified risks.
Conduct comprehensive IT risk assessments, ensuring compliance with new business onboarding or product changes.
Provide technical security insights for auditors and execute regular internal audits in alignment with organizational policies.
Requirements
Experience as Information Security, IT Governance, Risk, and Compliance (IT GRC) Lead in banking or the financial services industry (minimum 5 to 7 years of experience)
Experience in developing and maintaining IT and/or information security policies and procedures
Demonstrate good communication and writing skills
Proven experience in implementing and/or auditing ISO 27001 standards
Good understanding of the applicable regulatory requirements (such as OJK)
One or more of the following or equivalent certifications preferred: CISA, CRISC, CISM, CISSP