Internal IT Audit Officer  

To strengthen robust and secure IT governance across IDX, we are seeking a highly analytical, detail-oriented, and tech-savvy professional to join our team as Internal IT Audit Officer.

This role focuses on conducting audit and advisory engagements related to IT operations, ensuring that systems and processes comply with relevant regulations and support organizational performance. You will play a key role in enhancing the company's practices in IT Governance, Risk, and Compliance (GRC).

What You’ll Deliver:

Education

Bachelor’s degree (S1), preferably in Computer Science, Information Systems, or Accounting with a focus on IT/SIS.

Experience

1. Minimum 2 years of relevant experience in IT Audit, IT Risk, IT Governance, or related IT fields.
2. Experience in IT Security and/or Cybersecurity-related roles (either standalone or embedded within audit responsibilities) is highly desirable.
3. Holding professional certifications (e.g., CISA, CISM, CRISC, CISSP, ISO 27001 LA/LI) or having attended formal trainings in IT Audit, Information Security, or GRC is a strong advantage.
4. Demonstrated passion and initiative in cybersecurity, such as participation in ethical hacking communities, cybersecurity blogs/research, or self-initiated security testing projects, is a plus.

Technical Competencies

We are seeking candidates who not only have strong IT audit capabilities but also a deep interest and skill in IT Security and Cybersecurity, including:

1. IT Audit, IT Process, IT Security, Cybersecurity Framework:
   1. Strong understanding of IT audit principles, including fieldwork, sampling, and risk-based audit.
   2. Familiarity with information and cyber security standards such as ISO 27001, NIST Cybersecurity Framework, or similar.
   3. Understanding of System Development Life Cycle (SDLC) and Project Management methodologies (e.g., PMI, Agile/Scrum, Prince2).
   4. Knowledge of IT governance frameworks like COBIT and their application to risk and control environments.
2. IT & Cybersecurity Audit:
   1. Ability to apply IT audit and cybersecurity knowledge in evaluating internal controls, identifying security gaps, and recommending risk mitigation strategies aligned with frameworks such as ISO 27001, NIST CSF, or COBIT.
   2. Comfortable working collaboratively with external parties, including regulators (e.g., OJK), external auditors, and third-party consultants during security reviews, audits, and control evaluations, as well as monitoring and facilitating timely follow-up on agreed corrective actions.
3. Technical Tools:
   1. Interest or basic experience in using data analytics, scripting (e.g., Excel, SQL, Python), and modern technologies such as AI to support audit automation, big data analysis, and risk identification. Familiarity with tools like Power BI, Tableau, or AI-based solutions is a plus, but not mandatory.
   2. Familiarity or exposure to cybersecurity tools such as SIEM, vulnerability scanners, and penetration testing frameworks, particularly in the context of IT audit or control evaluation. Enthusiasm to deepen skills in this area is highly valued.

Soft Skills

1. High integrity and strong professional ethics
2. Strong analytical and problem-solving skills
3. Collaborative and team-oriented
4. Excellent communication and reporting abilities
5. Detail-oriented with root-cause focus
6. Proactive, independent, and solution-driven