Tokopedia
Tokopedia

IT Security GRC - Risk & Compliance (Technology)  

Tokopedia

 
  • South Jakarta, Indonesia
    South Jakarta, DKI Jakarta, Indonesia, South Jakarta, DKI Jakarta, Indonesia
    South Jakarta
    DKI Jakarta
    Indonesia
    Indonesia
  • Full timeFULL_TIME

Expired 3 years ago

2021-03-10T17:00:00+00:00
Job closed.

Job Description

Risk Assessment:

  • Conduct security risk assessment and cyber risk assessment and consolidation with other teams to ensure risks are identified, controls are in place (doable and measurable), if there is no control in place can identify mitigation action or remediation action
  • Tracking and monitor remediation action to ensure all can be achieved within agreed timeline
  • Discuss and liaise with risk owner to provide understanding and to gain commitment for risk mitigation / risk remediation action
  • Perform maturity assessment periodically and articulating the results to relevant teams as part of continuous improvement
  • Propose relevant security controls as part of risk mitigation covering prevention, detection, and corrective
  • Continuously provide feedback related with security risk to other teams
  • Monitor and track all third party including their risk assessment result and status of the remediation action
  • Assist other team in reviewing whether user access matrix developed has fulfilled the requirement on segregation of duties and least privilege principle
  • Ensure all Nakama already have sufficient security risk awareness
  • Deliver and manage all security risk awareness program and activity

Compliance:

  • Review new regulations issued by our government (regulators), especially related to information security and prepare gap analysis, identifying action to be taken to comply with the requirement
  • Ensure the applied standards or held certifications (e.g. ISO 27001, PCI DSS) are well maintained
  • Act as an audit support manager for every audit event or consultation event related with security, starting from obtaining evidence, provide answer and guidance to auditors / consultants, and became single point of contact / liaison with other teams (Tech and outside of Tech).

Minimum Qualifications

  • 2+ years in IT Risk or IT Compliance, preferably within IT Security aspects
  • Has risk and compliance sense, able to identify risk and the related controls, able to articulate it well to people with no risk / compliance bakground
  • Familiar with regulation gap analysis process
  • Has a willingness to learn and a good team player
  • Have global certification on IT Risk / IT Audit is a plus point

Jobs Summary

Job Level
Associate / Supervisor
Job Category
IT and Software
Educational Requirement
Bachelor's degree graduate
Recruiter response to application
Once in a while
Office Address
South Jakarta, DKI Jakarta, Indonesia
Industry
E-Commerce
Vacancy
2 openings
Website
https://www.tokopedia.com/

Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.

About Tokopedia

Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. We are the leading marketplace in Indonesia; we encourage millions of merchants and consumers to participate in the future of commerce. Our vision is to build an ecosystem where everyone can start and discover anything with ease. We are holding to these three principles that drive us forward. We call them our DNA, the traits that embody who we are as Tokopedia Nakama: Focus on Consumer, Growth Mindset, and Make it Happen, Make it Better

People also applied to

  1. Home

Other Recommended Jobs

Apply jobs in

Job Categories:

Related to your search: