IT Security GRC - Risk & Compliance (Technology)
Tokopedia
- South Jakarta, DKI Jakarta, Indonesia
- Full-time
This job is closed.
Job Description
Risk Assessment:
- Conduct security and cyber risk assessments, consolidating with other teams, to ensure risks are identified and controls are in place (doable and measurable); where no control is in place, identify mitigation or remediation actions
- Track and monitor remediation actions to ensure all are achieved within the agreed timeline
- Discuss and liaise with risk owners to provide understanding and to gain commitment for risk mitigation / risk remediation actions
- Perform maturity assessments periodically and articulate the results to relevant teams as part of continuous improvement
- Propose relevant security controls as part of risk mitigation, covering prevention, detection, and correction
- Continuously provide feedback related to security risk to other teams
- Monitor and track all third parties, including their risk assessment results and the status of remediation actions
- Assist other teams in reviewing whether the user access matrix developed fulfils the requirements on segregation of duties and the least privilege principle
- Ensure all Nakama have sufficient security risk awareness
- Deliver and manage all security risk awareness programs and activities
Compliance:
- Review new regulations issued by our government (regulators), especially those related to information security, and prepare a gap analysis identifying the actions to be taken to comply with the requirements
- Ensure the applied standards or held certifications (e.g. ISO 27001, PCI DSS) are well maintained
- Act as an audit support manager for every audit or consultation event related to security: obtain evidence, provide answers and guidance to auditors / consultants, and serve as the single point of contact / liaison with other teams (Tech and outside of Tech).
Minimum Qualifications
- 2+ years in IT Risk or IT Compliance, preferably within IT Security aspects
- Has risk and compliance sense, able to identify risks and the related controls, and able to articulate them well to people with no risk / compliance background
- Familiar with regulation gap analysis process
- Is willing to learn and is a good team player
- A global certification in IT Risk / IT Audit is a plus
Job Summary
- Job Level
- Deputy Supervisor/Supervisor
- Industry
- IT and Software
- Educational Requirement
- Bachelor's Degree
- Recruiter Response to Applications
- Once in a while
- Office Address
- South Jakarta, DKI Jakarta, Indonesia
About Tokopedia
Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. We are the leading marketplace in Indonesia; we encourage millions of merchants and consumers to participate in the future of commerce.
Our vision is to build an ecosystem where everyone can start and discover anything with ease.
We hold to three principles that drive us forward. We call them our DNA, the traits that embody who we are as Tokopedia Nakama: Focus on Consumer, Growth Mindset, and Make it Happen, Make it Better.