Governance, Risk Management & Compliance Analyst Governance, Risk Management & Compliance Analyst

Level

Senior

Location

Jakarta

Apply Before

21 Nov 2024

Description

We are a leading organization dedicated to maintaining the highest standards of governance, risk management, and compliance in our industry. We are seeking a highly skilled Governance, Risk Management & Compliance (GRC) Analyst to join our team. In this role, you will play an integral part in managing and mitigating risks, ensuring regulatory compliance, and maintaining strong governance practices across the organization.Key Responsibilities:

Key Responsibilities:

1. Governance Support:

  • Assist in the development and implementation of IT governance frameworks aligned with organizational objectives and regulatory requirements.
  • Help maintain IT policies, procedures, and standards to guide IT operations

2. Risk Assessment:

  • Participate in identifying and evaluating IT risks across the organization.
  • Conduct risk assessments and document findings.
  • Collaborate with teams to develop risk mitigation plans.

3. Compliance Monitoring:

  • Support compliance efforts with relevant laws, regulations, and industry standards (e.g., ISO 27001, GDPR, PCI DSS).
  • Assist in preparing for internal and external audits by gathering required documentation and evidence.
  • Monitor adherence to IT policies and report non-compliance issues.

4. Policy and Procedure Maintenance:

  • Help update IT policies and procedures to reflect changes in regulations, technology, and business needs.
  • Ensure policies are accessible and communicated effectively to relevant stakeholders.

5. Training and Awareness:

  • Assist in developing training materials related to GRC topics.
  • Participate in conducting training sessions to educate employees on compliance requirements and best practices.

6. Incident Reporting:

  • Support the incident management process by documenting incidents and tracking remediation efforts.
  • Assist in the investigation of IT security incidents and breaches.

7. Vendor Risk Management:

  • Contribute to assessing the risk posture of vendors and third-party service providers.
  • Help monitor vendor compliance with contractual obligations and regulatory requirements.

8. Documentation:

  • Maintain accurate and up-to-date records of all GRC-related activities, assessments, and reports.
  • Ensure documentation meets audit and regulatory requirements.

Qualification

Qualifications:

1. Educational Background:

  • Bachelor's degree in Information Technology, Computer Science, Business Administration, Cybersecurity, or a related field.
  • Professional Certifications (Preferred)

2. Experience:

  • 2-4 years of experience in IT governance, risk management, compliance, or related roles.
  • Familiarity with regulatory requirements relevant to our industry.

3. Technical Proficiency:

  • Frameworks and Standards: Basic knowledge of IT governance frameworks and standards (e.g., COBIT, ITIL, NIST).
  • Regulatory Compliance: Understanding of laws and regulations such as GDPR, SOX, HIPAA, PCI DSS.
  • IT Knowledge: General understanding of IT infrastructure, systems, networks, and security principles.

4. Soft Skills:

  • Analytical Skills: Strong analytical and problem-solving abilities.
  • Communication Skills: Good written and verbal communication skills; ability to convey information clearly.
  • Attention to Detail: High level of accuracy in documentation and analysis.
  • Integrity: Demonstrated commitment to ethical conduct and confidentiality.
  • Teamwork: Ability to work collaboratively within a team environment.
  • Organizational Skills: Strong ability to manage multiple tasks and priorities.

5. Other Requirements:

  • Continuous Learning: Eagerness to learn and stay updated on GRC trends and best practices.
  • Adaptability: Flexibility to adapt to changing regulatory environments and business needs.
  • Industry Experience: Experience in GRC roles within [specify telco industry].
  • Additional Certifications: Any other relevant certifications in IT security or compliance.
  • Data Privacy Knowledge: Understanding of data privacy principles and regulations.

Benefits

• Opportunity to become a Permanent Employee
• Professional Development
• Hybrid Work Arrangement
• Daily lunch at Work
• Device will be provided by Company