Deskripsi Pekerjaan
We are looking for a detail-oriented and analytical IT GRC Analyst to join the growing team at PT Sinar Digital Terdepan. In this pivotal role, you will be responsible for safeguarding the organization's information assets by ensuring strict adherence to governance, risk management, and compliance (GRC) standards. You will work closely with IT leadership and legal teams to identify potential security vulnerabilities, assess risks, and implement robust control measures that align with both international and local regulatory requirements. This is an excellent opportunity for a driven professional to contribute to a secure digital environment while advancing their career in the technology sector.
Tanggung Jawab
- Manage and maintain the organization's GRC framework to ensure compliance with ISO 27001, NIST, and local regulations.
- Conduct regular risk assessments, vulnerability analysis, and gap analysis to identify security weaknesses.
- Support internal and external audits by preparing comprehensive documentation and evidence trails.
- Perform vendor risk assessments to ensure third-party partners meet security compliance standards.
- Develop and deliver security awareness training programs for employees to foster a culture of security.
- Collaborate with IT teams to remediate security findings and implement corrective action plans.
- Monitor regulatory changes and communicate their impact on the organization's compliance posture.
Kualifikasi
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
- Minimum of 2-3 years of experience in IT Governance, Risk, or Compliance roles.
- Strong knowledge of GRC frameworks such as COBIT, ITIL, and ISO 27001.
- Familiarity with Indonesian data protection regulations (e.g., PDP 27) is highly preferred.
- Excellent written and verbal communication skills in English.
- Proficiency in using GRC tools (e.g., ServiceNow, Microsoft Compliance Manager) is a plus.
- Strong analytical thinking and attention to detail.