IT Compliance & Governance
Develop, maintain, and enforce IT policies, standards, and procedures aligned with ISO 27001, ISO 22301, and PCI DSS requirements.
Manage and regularly review IT fixed assets (requests, management of active devices, and disposal).
Perform weekly IT security monitoring checks (Office, EDR, SAS Alert, and J-Sec).
Conduct internal compliance assessments, risk evaluations, and control testing to ensure adherence to corporate governance and regulatory standards.
Coordinate IT audit activities and ensure timely closure of audit findings and risk mitigation actions.
Support business continuity and disaster recovery planning (BCP/DRP) and ensure readiness through periodic tests and documentation.
Handle IT support user requests and change requests (Office 365, antivirus, firewall, and Windows patches).
Provide compliance advisory and training to IT and business teams to promote awareness of security, governance, and ethical practices.
Collaborate with regional or headquarters governance teams to align local compliance initiatives with global standards.
Familiar with IT Compliance Frameworks and Standards (ISO 27001, ISO 22301, PCI DSS, COBIT, NIST, and UU PDP)
Technical Support (troubleshooting hardware/software issues, UEM (Unified Endpoint Management), MFA, and GlobalProtect VPN)
IT Infrastructure Management (servers, networking, and storage; Windows Server and Linux environments) is a plus.
Business Continuity & Disaster Recovery (BCP & DRP): BCP exercises (fire drill, natural disaster, man-made disaster, and cybersecurity monitoring and detection).
Developing and Implementing IT Security Policies
Privacy Policies (e.g., Data Protection & Confidentiality)
IT Audit and Compliance Checklists (Self-assessment)
Education: Bachelor's Degree / S1 (Information Technology, Computer Science, Information System, or a related field).
3+ years of experience in IT compliance, governance, audit, or information security.
Excellent analytical, documentation, and communication skills.
Strong understanding of IT GRC frameworks (COBIT, ISO 27001, ISO 22301, PCI DSS or NIST).
Professional certifications such as CISA, ISO 27001 Lead Implementer/Auditor, or ITIL are advantageous.