About the Role
We are seeking a highly skilled IT GRC Technical Lead who possesses a unique blend of deep compliance knowledge and robust technical operational capabilities. In this role, you will go beyond administrative oversight; you will act as a primary technical advisor in designing secure systems, auditing complex infrastructures, and ensuring risk mitigation strategies are effectively implemented at both the code and architectural levels.
Key Responsibilities
- Lead the design and implementation of IT Governance, Risk, and Compliance (GRC) frameworks that align with client business objectives and international standards.
- Conduct advanced technical risk assessments across cloud infrastructure, networks, and applications to identify systemic vulnerabilities.
- Lead complex IT audits and provide data-driven remediation recommendations to enhance operational security and efficiency.
- Ensure all technical systems comply with stringent local regulations (PBI, POJK) as well as global standards.
- Serve as the Subject Matter Expert (SME) for clients regarding cybersecurity, Disaster Recovery Planning (DRP) strategies, and data governance.
- Act as a technical mentor for team members, refining their technical audit methodologies and supporting their professional growth.
Requirements
- Minimum of 6-8 years of experience in IT GRC, IT Compliance, or IT Audit.
- Must hold active professional certifications such as CISA, CISM, or CISSP. Additional certifications like ISO 27001 Lead Auditor/Implementer are highly preferred.
- Comprehensive understanding of Indonesian banking and financial regulations (POJK & PBI) and global frameworks (COBIT 2019, ITIL 4).
- Strategic communication skills with the ability to negotiate and present complex technical findings to C-level executives.
- Exceptional ability to dissect complex technical issues and translate them into practical, high-level governance solutions.