Deskripsi Pekerjaan:

• Develop and maintain IT policies, standards, and procedures according to applicable internal and external requirements, including the applicable regulations in Indonesia
• Coordinate with compliance to ensure that every initiative, development, and collaboration is complying with standards (internal and external)
• Conduct a routine evaluation of policies and procedures implementation and ensure best practice risk mitigation and assessment functions are maintained to comply with the company's strategy
• Act as a liaison officer between IT user and external / internal auditor to meet the requirement and supply any advisory and sufficient data
• Implement a good governance organization using the ISO27001 framework or others
• Maintain key risk indicator (KRI) and risk control assessment (RCSA) related IT with the relevant department in order to assess the effectiveness of any control and identify new risks

Kualifikasi:

• Minimum of 3 years experience as Information Security, IT Governance, Risk and Compliance (IT GRC) or IT Auditors or IT Risk in Insurance or Financial Service industry
• Demonstrate good communication and writing skills
• Proficient with English written and verbal
• Experience in creating and maintaining IT and/or information security policies and procedures
• Prior experience in implementing ISO 27001, ITIL, COBIT, and/or PCI-DSS standards
• Familiarity with local and regional regulatory requirements and how they impact IT policies (prior experience will be an advantage)