Responsibilities
- Determine and maintain an inventory of all Digital Policies, Quality standards, and technology compliance requirements.
- Create a digital compliance risk assessment framework and periodically assess all the compliance risks and control measures in place.
- Identify the associated compliance control gaps and oversee the documentation, implementation, and testing of the entire compliance control portfolio.
- Develop and direct compliance control monitoring programs to ensure compliance-related risks are managed to the appropriate level of acceptable residual risk.
- Implement and maintain a compliance issue management tracking and resolution process that addresses known issues according to their severity and potential impact to the organization.
- Conduct necessary compliance control monitoring and testing activities to determine the effectiveness of the controls.
- Remediate all compliance control deficiencies.
- Work with the Internal Change Control process team to ensure that compliance controls, security requirements, and Quality standards are met before deployment to production.
- Coordinate audit-related tasks such as ensuring the readiness of Digital organizations for audit testing and facilitating the timely resolution of any audit findings.
- Perform Digital Risk Assessments by analyzing and assessing the current and future threat landscape, providing the leadership team with a realistic overview of risks and threats from an overall controls perspective.
- Create a Digital Risk & compliance training and awareness program that periodically educates the requisite end-user community on the relevant Risk & compliance requirements and certifies their adherence to the relevant compliance controls.
- Identify and resolve any issue of non-compliance with a related standard or framework.
Qualifications
- 3-5 years of experience in IT Governance, Risk & Compliance
- Bachelor's degree in law or any related disciplines
- Knowledgeable about NIST, CIS guidelines, various other IT Security regulations & baseline controls
- Certification in SAP GRC
- Experience in information technology security is a strong requirement, and a person should have experience in at least one or more technologies at some time.
- Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration
Job Type: Contract
Contract length: 12 months
Salary: Rp35,000,000 - Rp42,000,000 per month
Application Question(s):
- Do you have any SAP certification?
- How many full cycles have you completed in your experience handling projects so far?
