IT Security GRC - Risk & Compliance (Technology)


  • South Jakarta, Indonesia
    South Jakarta, DKI Jakarta, Indonesia, South Jakarta, DKI Jakarta, Indonesia
    South Jakarta
    DKI Jakarta
  • Full time
Posted 15 days ago and deadline of application is on 10 Aug
Recruiter was hiring an hour ago

IT Security GRC - Risk & Compliance (Technology)


Job Description

  • Conducting risk assessment over security perspective (Confidentiality, Integrity, and Availability) and relevant standards such as ISO and PCI, as part of the evaluation towards policies, procedures, and standards
  • Conducting security risk assessment over defined controls operated by third party to manage our critical asset
  • Defining security controls including prevention, detection, and response based on results of conducted risk assessment and consolidation with other teams to ensure defined controls are doable and can be measured
  • Developing remediation actions to mitigate risks associated with the protection of our critical assets
  • Being responsive to new regulations issued by our government, in particular the regulations related to security objectives or activities, by determining necessary strategies to conform with the regulations
  • Performing regulatory compliance against applicable regulations which have correlation with security objectives or activities
  • Being accountable of business impact analysis execution which might involve other teams in the internal organization, as part of business resiliency
  • Communicating security risk assessment results to management and do escalation as necessary to ensure our conformity to relevant regulations is in place
  • Communicating security controls as results of risk assessment, to be monitored by teams that have functionality to verify the effectiveness of defined controls
  • Acting as liaison between teams that have audit or risk functions and security team to ensure defined controls are properly implemented
  • Conducting maturity assessment periodically and articulating the results to relevant teams as part of continuous improvement

Minimum Qualifications

  • Experience in Information Technology or Security with a general awareness of industry standard security practices
  • Knowledge of IT General Controls and relevant compliance standards (ISO, ITIL, SOX, NIST, COBIT5, PCI)
  • Able to anticipate organizational impact & understand the risk associated with introducing new technologies or processes
  • Exceptional written and verbal communication skills with a demonstrated ability to develop and maintain relationship
  • Experience working in a governance environment leveraging a risk and controls mindset
  • Experience across Information Security domains such as risk & compliance, incident response, identity & access management, penetration testing, or physical access
  • Experience across IT domains such as application development, infrastructure, technical support and operations, or business continuity
  • Experience with relevant experience in Information Security, Audit, Risk and/or Compliance
  • Preferably pose certifications related to risk management and audit standards such as QSA, ISO Lead Auditor, CISA

Jobs Summary

Job level
Associate / Supervisor
Job category
IT and Software
Educational requirement
Bachelor's degree graduate
Recruiter response to application
Once in a while 
Office Address
South Jakarta, DKI Jakarta, Indonesia
1 opening

Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.

About Tokopedia

Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. We are the leading marketplace in Indonesia; we encourage millions of merchants and consumers to participate in the future of commerce. Our vision is to build an ecosystem where everyone can start and discover anything with ease. We are holding to these three principles that drive us forward. We call them our DNA, the traits that embody who we are as Tokopedia Nakama: Focus on Consumer, Growth Mindset, and Make it Happen, Make it Better