Deskripsi Pekerjaan
Are you a seasoned IT professional with a passion for building robust security frameworks? Bussan Auto Finance is seeking a dedicated IT Security Risk & Governance Specialist to join our growing team in Jakarta Selatan. In this critical role, you will be the architect of our digital defense strategy, ensuring that our IT operations align with global security standards, regulatory requirements, and data privacy mandates.
You will lead end-to-end IT Governance, Risk, and Compliance (GRC) initiatives, bridging the gap between technical infrastructure and business objectives. We are looking for an expert who can navigate the complexities of cybersecurity governance while fostering a culture of risk awareness across the organization. If you thrive in high-stakes environments and are eager to protect critical financial infrastructure, we want to hear from you.
Tanggung Jawab
- Develop, implement, and maintain comprehensive IT Governance, Risk, and Compliance (GRC) frameworks.
- Perform regular IT security risk assessments and vulnerability audits across enterprise systems.
- Oversee the implementation of Data Privacy Management policies in compliance with Indonesian regulations (UU PDP).
- Collaborate with cross-functional teams to remediate security gaps and improve overall internal control maturity.
- Monitor and enforce cybersecurity governance policies, ensuring adherence to internal audits and external security standards.
- Manage third-party vendor risk assessments to ensure external partners meet our security protocols.
- Provide regular reporting and strategic recommendations to leadership regarding the IT risk posture.
Kualifikasi
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field.
- Minimum of 3-5 years of experience in IT Governance, Risk, and Compliance (GRC) roles.
- Strong understanding of ISO 27001, NIST, COBIT, and other relevant security frameworks.
- Proven expertise in data privacy regulations and cybersecurity risk management methodologies.
- Professional certification such as CISA, CRISC, CISM, or CISSP is highly preferred.
- Excellent analytical, communication, and stakeholder management skills.
- Proficiency in English and Indonesian, with the ability to translate complex technical concepts for business stakeholders.