Support daily operations of the GRC team to ensure documentation, compliance administration, and risk monitoring are conducted in accordance with established procedures.
Act as a Document Controller by managing, organizing, and maintaining GRC document repositories (SOPs, policies, guidelines, and audit evidence) to ensure readiness at all times.
Track and monitor the compliance calendar, including regulatory reporting deadlines, ISO certification validity, and policy review schedules, and provide timely reminders to relevant stakeholders.
Provide administrative support for internal and external audits, including collecting required evidence from various departments.
Maintain and update the Risk Register by inputting data based on reports from business units under the guidance of Senior GRC personnel.
Support security awareness programs by assisting with training material preparation and tracking employee participation.
Assist in third-party onboarding processes, including distributing security questionnaires to vendors and collecting their responses.
About You:
Bachelor's degree (S1) in Information Systems, Computer Science, Information Technology, Law (with an interest in technology), or other relevant fields.
At least 1 year of experience in administrative or operational roles within IT, Audit, or Compliance functions.
Highly organized with strong administrative and documentation skills; proficient in productivity tools such as Google Workspace or Microsoft Office (especially Excel/Google Sheets for tracking).
Possess basic IT knowledge, including general understanding of IT infrastructure, information security, and application development life cycles.
Strong communication skills, proactive in following up on documents and coordinating with cross-functional teams.
Excellent attention to detail, ensuring document completeness and compliance with defined standards.
Strong willingness to learn, particularly in regulations (e.g., POJK, Personal Data Protection Law) and GRC frameworks (ISO 27001, ISO 27701, COBIT).
