Lowongan Kerja : IT GRC Lead

Perusahaan : Ajaib

Deskripsi Pekerjaan : Company Description

Ajaib is a financial technology company that provides a modern digital experience for beginners and seasoned investors alike. Our mission is to enable our customers to achieve financial freedom. Financial systems are the backbone of any country’s economy and wealth so we bear heavy responsibility for our customers. Our software engineers work on a variety of projects ranging from bleeding-edge innovations in financial systems to exciting consumer products. We never stop learning and we always seek ways to improve. If you want to apply your knowledge and skills to impact millions of lives, join our team.

Job Description

  • Understand technical implementation details necessary to identify, assess and mitigate Information Security risks
  • Design, implement, maintain, and improve programs to address key company risks · Improve controls for internal systems, processes, and policies ·
  • Prepare internal teams for independent assessments against regulatory and compliance frameworks ·
  • Maintain and verify the operational effectiveness of compliance controls
  • Collaborate with internal teams and external auditors throughout compliance assessments ·
  • Develop long-term objectives and track towards the overall mission and GRC Roadmap ·
  • Define key metrics to track program progress and maturity for various stakeholders ·
  • Responsible for the development and oversight of required mitigation plans relating to Information Security risks and policy exceptions ·
  • Develop and implement an Information Security awareness program then become its primary evangelist.


  • At least 5+ years in Security, preferably in GRC role or similar (Technology/IT Audit, Internal Audit, IT Consulting, etc) ·
  • Self-driven work ethic, in order to push towards goals or outcomes with minimal supervision
  • Strong ability to drive multiple workstreams in parallel within GRC (evolve controls while delivering immediate priorities) ·
  • Strong written and spoken communication skills when responding to external requests ·
  • Strong partnership and soft skills to influence outside of the Security organization to drive a culture of Security ·
  • Strong experience with common GRC frameworks (SOX, GDPR, CCPA, PCI, ISO27000, NIST Cybersecurity Framework, NIST SP800-53) ·
  • Strong experience working with Internal and External Audit teams ·
  • Understanding of security best practices (password security, device security, etc) in the context of Security Training and Awareness

Preferred Skills & Bonus Plus

  • Advanced security certifications like CISM, CISA, CISSP-ISSMP preferred ·
  • Experience with a large company and/or Big 4 accounting firm
  • Experience in influencing across all levels of the organization ·
  • Excellent project management skills ·
  • Eagerness to learn new things and discover emerging and new data trends ·
  • Understanding of common vendor risks and common vendor attestations (SSAE16, SOC2, SIG-Full/Lite)

Perkiraan Gaji :

Lokasi : Jakarta

Tanggal : Thu, 09 Dec 2021 23:38:04 GMT

Kirim Lamaran!