IT Risk

Develop, refine and implement information security policies, procedures and guidelines to meet compliance and regulatory requirements

Ensure compliance with Local and Group policies and procedures

Lead and execute risk and vulnerabilities analysis for various IT systems and processes

Identify risks and controls necessary to remediate identified risks and vulnerabilities; ensure that remediation is done effectively

Act as a liaison to internal/external auditors, fulfil audit requests, coordinate audit activities with IT stakeholders, and ensure implementation of audit recommendation

Coordinate engagements with regulators, including periodic reporting, preparation of presentations and written deliverables of regulatory requirements

Conduct IT risk assessment, implementation, and execution of risk management processes from identification, assessment, decision, monitoring to reporting

Review Disaster Recovery plans for new apps before going live, and for existing apps at least once a year

Setting the right priorities regarding IT risks by challenging and advising first-line departments

At least a bachelor’s degree in Information Technology, Computer Science, or equivalent

Have 7+ years of experience in IT governance, risk management, compliance, internal controls, audit role(s)

Have a strong technical knowledge of information security principles and risk management practices

Have a broad understanding of information security policies and standards, as well as regulatory and compliance frameworks (e.g. ISO27001, PCI-DSS, GR & POJK)

Have strong oral and written communication skills; proficient in English; good at building and maintaining relationships with others

Experience working with Internal Audit, Risk Management, and Legal & Compliance functions

Knowledge of, or experience working with, Cloud technologies/environments is a plus

CISSP, CRISC, CISA, CISM or similar certifications a plus