Qualifications:
- Minimum 3 years of experience in Information Security, IT Governance, Risk & Compliance (IT GRC), or IT Auditing.
- Solid understanding of international information security frameworks (e.g., ISO 27001, NIST) and familiarity with relevant local regulations (e.g., UU PDP, POJK, PBI).
- Proven experience in implementing ISO 27001 or PCI DSS controls.
- Holds at least 1 globally/locally recognized certification (e.g., ISO 27001 LA or similar).
- Strong interpersonal, presentation, and stakeholder communication skills.
- Proficient in both written and spoken English.
Responsibilities:
- Provide tailored advice on IT governance, information security policies, and data protection based on organizational context and regulatory requirements.
- Implement effective security governance practices using standards and frameworks such as ISO 27001, PCI DSS, or NIST.
- Perform comprehensive risk and maturity assessments to support continuous improvement.
- Conduct information security audits to evaluate the effectiveness of implemented controls.
- Deliver engaging and practical information security awareness training to employees.