IT Governance, Risk & Compliance Specialist
Company prefers not to disclose
Full-Time · On-site
3 - 5 years of experience
This job was closed
This job post is managed by
Oktrido ASRIALDI
Job description for IT Governance, Risk & Compliance Specialist at DANA Indonesia
JOB DESCRIPTION
The Governance, Risk & Compliance Specialist assists the Head of GRC with comprehensive security governance, risk, and control throughout the enterprise.
Develop, socialize, enforce, and evaluate security controls for confidentiality, integrity, and availability, in line with relevant security standards and best practices (e.g. ISO, NIST, PCI-DSS, CIS).
Develop and implement security awareness sessions through workshops and campaigns.
Assist with preparation and evidence collection related to security best practices and standards (ISO 27001, PCI-DSS, NIST).
Develop relevant policies, procedures, standards, guidelines, and forms related to the security control implementation by considering agility, simplicity, and performance
Coordinate with the red team to perform regular and continuous social engineering exercises and campaigns to improve user awareness.
Coordinate with the blue team to perform security compliance reviews, detect and escalate any security anomalies found, and continuously improve critical controls.
Act as the focal point for external party audit activity and suggest the supporting functions and controls needed.
JOB REQUIREMENTS
- BSc degree in Computer Science/Cyber Security (or a related field).
- Minimum 3 years of working experience as a security engineer, specifically in the Governance, Risk & Compliance field.
- Familiar with risk management frameworks and their implementation, security vulnerability theory, and security policy and regulation.
- Strong written and verbal communication skills in English and Bahasa Indonesia.
1) Minimum Requirements (must-have skills, experience or exposure):
- Minimum 3 years of information security experience in projects and/or small companies.
- Lead multiple parties and multi-level counterparts for security certification and compliance.
- Experience performing thorough assessments, audits, and recommendations.
2) Core competencies:
- Leadership
- Communication
- Influencing
- Problem solving
- Risk management
3) Good to have skills:
- Audit and consulting (e.g. CISA certified)
- Business acumen
About the company
#GANTIDOMPET DANA is a TechFin company that aims to bring inclusive financial services to empower people for a better living. We aim to be one of the pillars of the digital economy in Indonesia by enabling society to transact seamlessly. As a highly secure and scalable payment service platform that connects everyone using world-class technology, our goal is to provide Indonesia with a trustworthy and convenient mobile payment system that caters to the needs of our customers, and a sustainable, profitable business for our stakeholders. Join us and together we will build Indonesia's cashless society.