IT Security Operation - Control Assurance (Technology)


  • South Jakarta, Indonesia
    South Jakarta, DKI Jakarta, Indonesia, South Jakarta, DKI Jakarta, Indonesia
    South Jakarta
    DKI Jakarta
  • Full time
Posted 7 days ago and deadline of application is on 10 Aug
Recruiter was hiring 16 minutes ago

IT Security Operation - Control Assurance (Technology)


Job Description

  • Assessing the effectiveness of security controls performed by relevant teams, as part of the implementation monitoring towards applicable security policies, procedures, and standards
  • Evaluating the results of assessment towards security controls to provide recommendations to be adopted in new or existing security policies, procedures, and standards
  • Reviewing granted user access to verify adherence to defined user access matrix and user access policy
  • Reviewing physical access log and recorded CCTV and providing necessary recommendations to be followed up by relevant teams
  • Monitoring effectiveness of endpoint protection controls such as anti-virus and data loss prevention
  • Validating the baseline of security configurations applied in operating systems, databases, and network appliances as part of security controls
  • Doing necessary actions to ensure defined controls can be implemented, such as defining user access matrix together with application owner to ensure segregation of duties is enabled
  • Reporting the evaluation results to management and relevant teams to be followed up its necessary actions
  • Working closely with teams that have responsibilities in defining and implementing security policies, procedures, and standards
  • Working closely with teams with deeper knowledge in solutions or technical security requirements
  • Providing feedback to uphold automation of control checking to reduce required manual efforts and translating it to requirements which can be leveraged by other team that will be responsible to produce the automation solution

Minimum Qualifications

  • Knowledge of IT General Controls and relevant compliance standards (ISO, ITIL, SOX, NIST, COBIT5, PCI)
  • Knowledge of Information Security best practices such as PCI DSS and ISO 27001/2
  • Able to communicate required controls to be managed by other teams
  • Experience with reporting to management the result of information security controls monitoring
  • Experience with conducting external or internal audit functions in an organization
  • Basic knowledge of technical security controls normally applied in the organization
  • Ability to evaluate exceptions and conclude on impact of IT findings
  • Experience reviewing processes to facilitate the provision of improvement recommendations to specific information security controls
  • Preferably pose CISA certifications

Jobs Summary

Job level
Associate / Supervisor
Job category
IT and Software
Educational requirement
Bachelor's degree graduate
Office Address
South Jakarta, DKI Jakarta, Indonesia
1 opening

Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.

About Tokopedia

Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. We are the leading marketplace in Indonesia; we encourage millions of merchants and consumers to participate in the future of commerce. Our vision is to build an ecosystem where everyone can start and discover anything with ease. We are holding to these three principles that drive us forward. We call them our DNA, the traits that embody who we are as Tokopedia Nakama: Focus on Consumer, Growth Mindset, and Make it Happen, Make it Better