Job Description
Dhir & Partners is seeking a strategic and detail-oriented IT Governance & Risk Executive to oversee our information technology security posture and regulatory compliance. In this role, you will play a critical part in safeguarding our digital assets by managing IT risk assessments, enforcing security protocols, and ensuring the organization remains compliant with relevant industry regulations. You will work closely with cross-functional teams to monitor system performance and mitigate potential vulnerabilities before they impact business operations.
As the IT Governance & Risk Executive, you will be the guardian of our information integrity, translating complex technical risks into actionable business strategies for stakeholders. This is an opportunity to lead high-impact initiatives that drive the maturity of our IT governance framework and enhance our overall security resilience.
Responsibilities
- Develop and implement robust IT governance frameworks and policies to align with business objectives and regulatory requirements.
- Conduct comprehensive IT risk assessments and manage the risk register to identify, assess, and mitigate potential security threats.
- Ensure strict adherence to regulatory compliance standards (e.g., ISO, SOX, GDPR) across all IT operations and systems.
- Oversee the implementation and monitoring of IT security measures, including access controls and data protection protocols.
- Monitor system performance and conduct regular audits to detect anomalies, vulnerabilities, or non-compliance issues.
- Collaborate with internal stakeholders to educate them on security best practices and risk management strategies.
- Prepare and present detailed risk reports and compliance status updates to senior management and the board.
Qualifications
- Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.
- Proven experience in IT governance, risk management, or IT security within a corporate environment.
- Professional certification such as CRISC, CISA, CISSP, or CISM is highly desirable.
- Strong understanding of regulatory compliance frameworks and IT audit processes.
- Excellent analytical skills with the ability to interpret complex data and technical reports.
- Strong communication and interpersonal skills to effectively convey risk information to non-technical stakeholders.
- Ability to work independently and manage multiple priorities in a fast-paced environment.