Technology Governance, Risk, and Compliance Consultant (Manager)

We invite highly motivated and dynamic individuals to join our Digital Trust & Cyber team at KPMG. As Manager of Technology Governance, Risk, and Compliance, your responsibilities will include overseeing the development and implementation of governance frameworks, managing risk assessments and mitigation strategies, ensuring compliance with regulatory requirements, and collaborating with cross-functional teams to enhance the organization's technology processes. You will also provide guidance and support in internal audits and develop policies to safeguard information assets.

What you will do:

• Governance Framework Development: Assist in the creation and maintenance of policies, procedures, and standards that ensure effective technology governance across the organization
• Maturity Assessment: Utilize COBIT's defined maturity models to evaluate the maturity level of IT processes, thereby determining the degree to which these processes are established and consistently executed within the organization
• Risk Assessment Framework: Align the risk assessment framework with relevant regulatory requirements and governance standards to ensure comprehensive risk management
• Risk Assessment and Management: Determine potential risks related to technology, including hardware, software, networks, data, physical environment, and personnel
• Third-party Risk Management: Conduct an evaluation of the third party's risk profile, including their security measures, and adherence to regulatory requirements
• Compliance Management: Ensure that the organization adheres to relevant regulatory and compliance standards, such as data protection laws and industry-specific regulations
• Audit Support: assessing the security of the systems, the reliability and accuracy of the data, and the overall efficiency of IT operations
• Education and Training: Conduct training sessions and workshops to raise awareness and understanding of governance, risk, and compliance framework
• Reporting: Prepare detailed reports and presentations for senior management and stakeholders, detailing risk assessments, compliance status, and governance initiatives.

Desired skills & experience

• A bachelor's degree in information technology, Computer Science, Information System or a related field from a reputable university, with a minimum GPA of 3.0 (on a 4.0 scale)
• Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM): or equivalent credentials highly desirable.
• A minimum 6 years of relevant experience, preferably within consulting firms.
• Expertise in ICFoR/SOX compliance, risk management, regulatory framework, and governance models
• Having IT audit experience based on PBI No. 23/6/PBI/2021 (PJP), PBI No. 2 of 2024 and PADG No. 24 of 2024 (KKS), POJK No. 21 (LDBU), POJK No.11/POJK.03/2022 (PTI).
• Strong verbal and written communication skills in both English and Indonesian, with the ability to convey complex information clearly and effectively
• Proficiency in developing high quality materials and deliverables, such as PowerPoint presentations, Excel models, and written reports with attention to details
• Demonstrated ability to manage multiple projects, tasks, and deadlines in a fast-paced, dynamic environment, with strong interpersonal skills to collaborate effectively.

Only shortlisted candidates will be contacted by KPMG Siddharta Advisory Recruitment team. All applicants information and personal data will be treated as strictly confidential and used for recruitment purposes only.