We are hiring on behalf of PT. MNC Kapital Indonesia Tbk. MNC Kapital Indonesia was established in 1999 and went public in 2001 with the ticker code BCAP. Leveraging innovation and the latest technology, MNC Kapital has created an integrated digital financial ecosystem comprising three main business groups: Banking, Capital Market, and Insurance.
Position objective:
To lead and oversee the risk management and compliance functions at the holding level, and to ensure the effective, standardized, and smooth implementation of ISO/IEC 27001 across all subsidiaries under PT MNC Kapital Indonesia Tbk.
Key Responsibilities:
Risk Management & Compliance
- Develop, implement, and evaluate enterprise-wide risk and compliance policies and procedures in line with regulatory requirements from OJK, Bank Indonesia, and other relevant authorities.
- Conduct risk assessments covering strategic, operational, compliance, and IT-related risks across subsidiaries.
- Provide risk mitigation recommendations and ensure timely follow-up and resolution.
ISO/IEC 27001 Implementation Oversight
- Supervise and ensure smooth implementation of ISO/IEC 27001 at subsidiaries, including planning, execution, internal audits, corrective actions, and certification readiness.
- Act as the key coordinator between the holding company and the subsidiaries' ISO implementation teams.
- Provide technical assistance and guidance in implementing Information Security Management Systems (ISMS).
- Monitor and report the progress of ISO/IEC 27001 implementation to executive management on a regular basis.
Audit & Inspections
- Collaborate with internal and external auditors on ISO 27001 audits, risk-based audits, and compliance audits.
- Oversee the closure and resolution of audit findings.
Training & Awareness
- Develop and deliver training programs related to risk, compliance, and information security for all business units and subsidiaries.
- Promote a strong culture of compliance and information security awareness throughout the organization.
Coordination & Reporting
- Prepare and present periodic reports to the Board of Directors and relevant committees on risk exposure, compliance status, and ISO 27001 implementation.
- Act as the primary liaison for regulators, auditors, and executive management on all risk and compliance matters.
Qualifications:
- Bachelor's degree in Law, Information Technology, Risk Management, or related fields.
- Minimum 8 years of experience in risk management and compliance, with at least 3 years in a leadership or managerial position.
- Proven experience in managing ISO/IEC 27001 implementation from initiation to successful certification is mandatory.
- ISO/IEC 27001 Lead Implementer or Lead Auditor certification is highly preferred.
- Hands-on experience in coding and IT infrastructure is required.
- Strong understanding of financial services regulations from OJK and Bank Indonesia.
- Excellent leadership, communication, coordination, and stakeholder management skills.
- High attention to detail, strong integrity, and the ability to work effectively across departments and subsidiaries.