IT Compliance

IT Compliance & Governance

• Develop, maintain, and enforce IT policies, standards, and procedures aligned with ISO 27001, ISO 22301, and PCI DSS requirements.

• Manage and regularly review IT fixed assets (request, manage active devices, and disposal)- Monitoring IT Security weekly checking (Office, EDR, SAS Alert, and J-Sec).

• Conduct internal compliance assessments, risk evaluations, and control testing to ensure adherence to corporate governance and regulatory standards.

• Coordinate IT audit activities and ensure timely closure of audit findings and risk mitigation actions.

• Support business continuity and disaster recovery planning (BCP/DRP) and ensure readiness through periodic tests and documentation.

• Handle IT Support user and change request (Office365, anti virus, firewall, and windows patch).

• Provide compliance advisory and training to IT and business teams to promote awareness of security, governance, and ethical practices.

• Collaborate with regional or headquarter governance teams to align local compliance initiatives with global standards.

• Familiar with IT Compliance Frameworks and Standards (ISO 27001, ISO 22301, PCI DSS, COBIT, NIST, and UU PDP)

• Technical Support (troubleshooting hardware/software issues, UEM (Unified Endpoint Management), MFA, and VPN Global Protect)

• IT Infrastructure Management (Servers, networking, and storage (windows server, linux environment) is a plus.

• Business Continuity & Disaster Recovery (BCP&DRP): BCP exercise (firedrill, natural disaster, man-made disaster, and cybersecurity monitoring and detection).

• Developing and Implementing IT Security Policies

• Privacy Policies (e.g., Data Protection & Confidentiality) IT Audit and Compliance Checklists (Self assessment)

Education: Bachelor's Degree / S1 (Information Technology, Computer Science, Information System, or a related field).

• 3+ years of experience IT Compliance, governance, audit, or information security.

• Excellent analytical, documentation, and communication skills.

• Strong understanding of IT GRC frameworks (COBIT, ISO 27001, ISO 22301, PCI DSS or NIST)- Professional certifications such as CISA, ISO 27001 Lead Implementer/Auditor, or ITIL are advantageous.