The fastest courier, transport, food delivery and shopping services provider in Indonesia.
Manager - IT Governance, Risk and Compliance
Job Description / Skills Required
About the Role
We are looking for a smart, energetic, and accomplished GRC person with a passion for not only what you achieve as part of a team, but also how you achieve it. As a Manager, you will be responsible for the planning, execution and monitoring of the GRC function of the CISO office.
What You Will Do
- Act as a Subject Matter Expert on IT Governance, Risk management and Compliance (GRC) and related policies and procedures and work with key stakeholders in building a strong company wide GRC culture
- Contribute to the formulation and implementation of Gojek Group wide IT governance standards and procedures in compliance with regulatory requirements
- Collaborate with procurement and Business team to implement Third party risk management
- Continuously identify Key risks in GRC area and maintain IT Risk Register
- Collaborate with stakeholders for risk management, mitigation and remediation measures
- Liaise with internal and external parties for IT GRC related audits and facilitate timely remediation of issues
- Align Group policies with Gojek Subsidiaries and other entity Review any new compliance requirement from the regulator
- Coordinate with all existing units in the Company, especially for the implementation of IT Internal Policies, International Standards, and Regulations that apply to the Company's business
What You Will Need
- At least 8 years of experience in IT security space with a strong experience in IT GRC (Governance, Risk and Compliance) related functions
- Good knowledge of enterprise IT systems and components (applications, operating systems, databases, networks, cloud, DevOps)
- Familiar with industry standards related to IT Controls – ISO 27001, NIST, Cloud Security
- Experience in working with vendors to evaluate security ControlsCISSP, CISM, CRISC, CGEIT and/or CISA certified prefered
- Degree in Computer Science, Information Security or Information Systems
About the Team
IT Governance, Risk and Compliance is a newly-established division in the Gojek ecosystem where the team focuses on complying with local and international IT regulations and standards in order for the business to continue operating in their respective regions.
Meeting regulatory requirements, policy-making as well as implementing information security controls & standards is what we do day-to-day. Not to mention the rise of data protection demands in the upcoming years which will become a challenge to all of us. Long story short, come join us and be part of the team with a mission to secure our beloved Gojek app.