IT Governance Risk & Compliance (GRC)

Monitor and improve our cyber security strategy or roadmapAnalyze and implement CIS Security Control as required3rd Party vendor assessment as required by regulator or CISAnalyze reports from Managed SOC, Asset inventory, Patch Management, IAM, VAPT, EDR, Tools and change it as neccessary as required by regulator or CISPerform Incident response simulation & testingPerform Phising simullation & User Security awarenessPerform internal pentestPerform baseline check on all endpoints and serversPrepare documents required by internal audit and external audit (regulator, vendor, client, etc) Minimum Qualifications Bachelor Degree (IT Major prefered)Minimum 3 years experiencedExperienced in Cyber Security Framework (ISO 27001, CIS, NIST)CEH or CISM CerfiticationFull WFO Tanah Abang, Jakarta Pusat Soft Skills Good English language skills spoken/ writtenExperienced in creating policies, standard/baseline, procedure and guidelines for CISExperienced in regulator & licences compliance Technical Skill Experienced the use of VAPT Tools such as Tenable/Burp Suite or equivalentExperienced the use of DLP Tools such as Forcepoint/ Purview or equivalentExperienced the use of Patch Management Tools such as ManagEngine/ Kaseya or equivalentExperienced the use of Asset Inventory Tools such as Lansweeper/Kaseya or equivalentExperienced the use of Identity Access Management Tools such as Cyberark/ ManageEngine or equivalentExperienced the use of TDR Tools such as Crowdstrike/ PaloAlto Cortex or equivalentProficiency in AI tools such as Antrophic/GPT/Gemini to assist documentation and reporting process is plus