Conduct regular risk assessments to identify and evaluate potential risks associated with IT processes, systems
and data;
Develop and maintain a compliance framework, and conduct audits and assessments of compliance with
established standards;
Develop and update IT policies, procedures, and forms;
Design and implement controls and security measures to mitigate identified risks;
Provide training and awareness programs on IT security and compliance policies; and
Maintaining accurate and up-to-date documentation related to IT governance, risk, and compliance activities.
Requirements
Minimum total work experience >= 3 years
Total work experience in the same position/field >= 1 year
In-depth understanding of the ISO 27001 IT risk management framework (e.g., ISO 27001, ISO 31000, NIST, or equivalent).
Knowledge of policies and procedures related to information security, IT risk control, and compliance with relevant regulations (including regulations from the Financial Services Authority).
Experience in implementing IT policies, internal controls, and auditing related to IT systems.
Skills in developing policies and procedures relevant to IT Governance and ensuring their effective implementation throughout the organization.
Analytical and strategic thinking skills to effectively identify and manage information technology risks.
Good communication skills in Indonesian and English (verbal and written).