IT Security GRC - Governance (Technology)


  • South Jakarta, Indonesia
    South Jakarta, DKI Jakarta, Indonesia, South Jakarta, DKI Jakarta, Indonesia
    South Jakarta
    DKI Jakarta
  • Full time
Posted 15 days ago and deadline of application is on 10 Aug
Recruiter was hiring 7 minutes ago

IT Security GRC - Governance (Technology)


Job Description

  • Aligning and translating business objectives into security activities to ensure business objectives are reflected in security objectives, policy, and procedures
  • Following internal security framework as a reference model in implementing security activities and as necessary providing sufficient feedback to improve the framework
  • Developing and implementing required policy and procedure as part of security controls encompass Identify, Protect, Detect, Respond, and Recover functions
  • Identifying the most suitable teams to carry out defined policies and procedures to uphold the accountability and ownership thereof
  • Ensuring defined policies, procedures, standards, and any security configurations are documented and tracked properly
  • Creating awareness and training program to keep the defined security governance is adhered continuously
  • Defining and managing security metrics inherited by defined procedures, in order to measure the performance of defined security controls
  • Reporting any issues found during the implementation of security policy, procedure, and standard, where top management should put their attention to
  • Working closely with teams that have main responsibility to monitor implemented controls in order to ensure defined controls and metrics are executed properly
  • Articulating and socializing developed policy and procedure to relevant teams that have main responsibility to monitor implemented controls and the actor of activities
  • Updating as necessary policy and procedure or any other documents which support security controls. The source of updating could come from a team that assures defined controls executed properly or the other team that provides feedback on the effectiveness of defined security governance

Minimum Qualifications

  • Experience in Information Technology or Security with general awareness of industry standard security practices
  • Knowledge of IT General Controls and relevant compliance standards (ISO, ITIL, SOX, NIST, COBIT5, PCI)
  • Strong interpersonal skills and capabilities that can speak broadly of IT General Control requirements
  • Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or physical access
  • Experience implementing security policy, procedure, and standard in an organization
  • Experience developing and running information security awareness to participants periodically
  • Good understanding of common information security metrics applied in an organization
  • Able to convey information to other team clearly and simply, in a way that means things are understood and easy to execute
  • Preferably pose CISSP, CISM, or CGEIT

Jobs Summary

Job level
Associate / Supervisor
Job category
IT and Software
Educational requirement
Bachelor's degree graduate
Office Address
South Jakarta, DKI Jakarta, Indonesia
1 opening

Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.

About Tokopedia

Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. We are the leading marketplace in Indonesia; we encourage millions of merchants and consumers to participate in the future of commerce. Our vision is to build an ecosystem where everyone can start and discover anything with ease. We are holding to these three principles that drive us forward. We call them our DNA, the traits that embody who we are as Tokopedia Nakama: Focus on Consumer, Growth Mindset, and Make it Happen, Make it Better