Contribute to the development and maintenance of IT and information security policies and procedures in accordance with industry standards and applicable regulations.
Periodically facilitate IT and information security awareness.
Monitor and assess the organization's compliance with policies, standards, and relevant IT and information security regulations.
Conduct regular compliance audits.
Provide support to Internal and External Auditors regarding the implementation and certification of ISO 27001.
Assist Internal and External Auditors and Compliance team in meeting regulatory and audit requirements.
Participate in the identification, assessment, and monitoring of IT and information security risks.
Support the development and maintenance of the risk register.
Collaborate with the IT and information security team, as well as various business units, to ensure compliance and effectively mitigate risks.
Bachelor's degree in Information Technology, Information Security, or a related field.
Good understanding of GRC concepts and principles of information security.
Basic knowledge of IT risk and information security regulations, such as "Peraturan OJK Manajemen Risiko TI" for non-bank financial services institutions, or ISO 27001.
Familiarity with information technology and security, including knowledge of security controls.
Strong analytical and problem-solving skills.
Excellent communication skills, both verbal and written.
Ability to compile clear and concise reports.
Quick learner and adaptable to changes in technology and regulations.
Additional certifications such as COBIT, ITIL, ISO 27001, CISA, or similar would be a plus.
Effective team player with the ability to collaborate with various stakeholders in the organization.