GRC Specialist
Indonesia - Jakarta, Green Office Park 1
Traveloka
It's fun to work in a company where people truly BELIEVE in what they're doing!
Job Description
- Establish and maintain information security policies, standard, guidelines, procedures and controls to ensure they meets with company's risk appetite and compliance with applicable regulatory and legal requirements as well as industry standard
- Enforce information security policies, standard, guidelines, procedures and controls implementation
- Ensure and improve compliance such as PCI DSS 4.0, SNI ISO/IEC 27001:2022, and other information security related compliance, law and regulation
- Manage and perform end to end risk assessment for various Information systems, services and processes
- Act as a Subject Matter Expert (SME) for trending GRC and Information Security topics
- Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures
- Develop, promote and monitor our corporate wide Information Security awareness and Training Program
- Lead and coordinate cross projects with Traveloka internal stakeholder
- Represent team with external stakeholders to manage discussions on advisory, certifications, standards and compliance
- Take ownership on the assigned project
- Contribute in the process improvement
Requirements
- 3-5 years+ of relevant professional experience is preferred
- Have a good understanding about threat, vulnerability, impact and risk and their implementation on business process
- In-depth knowledge with as many as the following law, regulations, frameworks, and/or industry standards: COBIT, ISO/IEC 27000-series, PCI/DSS, NIST SP 800-53/30, GDPR, PDPA, PP71, UU ITE, etc
- Demonstrated skills in risk assessment, both quantitatively and qualitatively. Familiarity with maturity models as aids to gap assessment and remediation planning
- Ability to act independently and exercise good judgment as well as the ability to work cross functionally and create virtual teams
- Ability to prioritize and multitask
- Flexibility and adaptability in work approach
- Strong written and verbal communication skills especially in English
- Strong interpersonal skills
- Strong problem-solving and negotiation skills
- Calmness and clarity of thought under pressure and ability to maintain confidentiality
- Ability to perform effective interaction with a broad range of people and roles. Accept responsibility and personal accountability
- Ability to stay updated with current information security trends
- Certified in CISSP, CGEIT, CISA, CISM, or other information security certification will be an added value
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: CISA CISM CISSP COBIT Compliance GDPR NIST NIST 800-53 PCI DSS Risk assessment
Perks/benefits: Career development
Region:
Asia/Pacific
Country:
Indonesia
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsStaff Security Engineer jobsChief Information Security Officer jobsSenior Penetration Tester jobsSecurity Specialist jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Information Security Analyst jobsCyber Security Architect jobsSenior Product Security Engineer jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsInformation System Security Officer (ISSO) jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsForensics jobsEncryption jobsRMF jobsGDPR jobsSQL jobsIDS jobsIPS jobsSplunk jobsTop Secret jobsDoDD 8570 jobsEDR jobsFinance jobsBash jobsTerraform jobsUNIX jobsITIL jobsOWASP jobsTCP/IP jobsIntrusion detection jobsGIAC jobsCRISC jobsDocker jobs
SANS jobsActive Directory jobsCompTIA jobsData Analytics jobsCCSP jobsThreat detection jobsBanking jobsOSCP jobsPolygraph jobsClearance Required jobsVPN jobsDNS jobsCyber defense jobsSOC 2 jobsJavaScript jobsIT infrastructure jobsAnsible jobsSOAR jobsGCIH jobsOracle jobsJira jobsSecurity strategy jobsCryptography jobsSOX jobsNIST 800-53 jobs