IT Security & GRC (Lead/Manager)

cermaticomΒ· People Operations
Apply Now β†—
πŸ“ JakartaπŸ“ Jakarta, Jakarta, IndonesiaπŸ“ idFull time

About this role

Company Description

Cermati is a financial technology (fintech) startup based in Indonesia. Cermati simplifies the process of finding and applying for financial product by bringing everything online so people can shop around for financial products online and can apply online without having to physically visit a bank.

Our team hailed from Silicon Valley Tech companies such as Google, Microsoft, LinkedIn and Sofi as well as Indonesian startups such as Doku andΒ Touchten. We have graduates from well known universities such as Universitas Indonesia, ITB, Stanford, University of Washington, Cornell and many others. We are building a company with the same culture of openness, transparency, drive and meritocracy as Silicon Valley companies. Join us in our cause to build a world class fintech company in Indonesia.

Job Description

  • Develop and maintain IT policies, standards, and procedures according to applicable internal and external requirements, including the applicable regulations in Indonesia (POJK, PBI)
  • Coordinate with the Compliance team to perform gap assessment. Recommend appropriate measures to mitigate risks.
  • Ensure that every initiative, development, and collaboration complies with the standards and regulations (internal and external)
  • Develop and implement the RBAC and least privilege of access management
  • Assess the effectiveness of IT controls, policies, and procedures in place to safeguard information assets, ensure data integrity, and maintain system availability
  • Coordinate with the related IT work units to follow up on data requests and the implementation of audit recommendations (internal audit, external audit, and regulator)
  • Continuously update and implement the internal control framework, policies, and procedures to strengthen the organization's IT governance according to IT General Control, IT Application control, ISO 27001, PCI DSS, and other industry best practices
  • Socialization and regular awareness to ensure IT policy, procedures, guidelines, and standards are implemented in the day-to-day operations

Qualifications

  • A minimum of 3 years of experience as Information Security, IT Governance, Risk, and Compliance (IT GRC), or IT Auditor in banking or the financial service industry
  • Experience in developing and maintaining IT and/or information security policies and procedures
  • Demonstrate good communication and writing skills
  • Proven experience in implementing and/or auditing ISO 27001 and PCI-DSS standards
  • Good understanding of the applicable regulatory requirements (such as OJK, BI, and Kemkominfo) and how they impact IT policies
  • One or more of the following or equivalent certifications preferred: CISA, CRISC, CISSP

Additional Information

Frequently Asked Questions

Is the salary disclosed for the IT Security & GRC (Lead/Manager) position at cermaticom?
The salary for this IT Security & GRC (Lead/Manager) role at cermaticom is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the IT Security & GRC (Lead/Manager) position at cermaticom located?
This IT Security & GRC (Lead/Manager) role at cermaticom is based in Jakarta, Jakarta, Jakarta, Indonesia, id. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the IT Security & GRC (Lead/Manager) role at cermaticom full-time or part-time?
This is listed as a Full time position. It is posted as a IT Security & GRC (Lead/Manager) role in the People Operations department at cermaticom.
Which team or department does the IT Security & GRC (Lead/Manager) at cermaticom belong to?
This IT Security & GRC (Lead/Manager) position is part of the People Operations department at cermaticom. See the full job description for more information about the team structure and responsibilities.
How do I apply for the IT Security & GRC (Lead/Manager) position at cermaticom?
Click the "Apply Now" button on this page. You will be redirected to cermaticom's official application portal hosted on smartrecruiters where you can submit your application directly.
When was the IT Security & GRC (Lead/Manager) job at cermaticom posted?
This IT Security & GRC (Lead/Manager) position at cermaticom was posted on Jul 28, 2023. Apply as soon as possible β€” early applications are often reviewed first.
IT Security & GRC (Lead/Manager)
cermaticom
Apply for this role β†—

You'll be redirected to cermaticom's official application page on SmartRecruiters.