Deskripsi Pekerjaan
Are you passionate about bridging the gap between technology, risk, and regulatory compliance? Gojek, through its GoTo Financial division, is looking for a highly skilled Senior IT GRC Analyst - Consumer Lending to join our dynamic team in Jakarta. In this pivotal role, you will be at the forefront of safeguarding our digital ecosystem, ensuring that our systems, processes, and consumer lending products meet the highest standards of regulatory, security, and risk management.
As a Senior IT GRC Analyst, you will collaborate with cross-functional teams to design, implement, and monitor robust IT Governance, Risk, and Compliance (GRC) frameworks. You will evaluate emerging risks, drive continuous improvement in our security postures, and ensure strict adherence to Indonesian financial regulations (such as OJK guidelines) and international standards. This is an exceptional opportunity to make a tangible impact on the security and reliability of financial products used by millions of consumers across the region.
If you thrive in a fast-paced fintech environment and have a keen eye for detail, we want you to help us build a secure, resilient, and fully compliant financial future.
Tanggung Jawab
- Lead the design, implementation, and continuous improvement of IT Governance, Risk, and Compliance (GRC) frameworks across the Consumer Lending division.
- Conduct comprehensive IT risk assessments, identifying vulnerabilities and recommending effective mitigation strategies.
- Ensure compliance with local regulatory requirements (e.g., OJK, Bank Indonesia) and international security standards (e.g., ISO 27001, PCI DSS).
- Collaborate with internal and external auditors to facilitate IT audits, track findings, and oversee remediation efforts.
- Develop and maintain IT security policies, procedures, and guidelines tailored to consumer lending operations.
- Monitor the IT risk landscape and provide actionable insights to senior management regarding emerging threats and compliance gaps.
- Work closely with engineering and product teams to ensure security and compliance are integrated into the software development lifecycle (SDLC).
Kualifikasi
- Bachelor's degree in Information Technology, Computer Science, Information Security, or a related field.
- Minimum of 5+ years of proven experience in IT GRC, IT Audit, or Information Security, preferably within the fintech, consumer lending, or banking sector.
- Strong understanding of Indonesian financial regulations, particularly those governing consumer lending and digital financial services.
- Professional certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Auditor are highly desirable.
- Excellent analytical and problem-solving skills, with the ability to translate complex technical risks into business terms.
- Strong communication and stakeholder management skills, capable of working effectively across various departments.
- Proven track record of managing multiple compliance projects and IT audits simultaneously in a fast-paced environment.