Information Security Governance Specialist responsible for establishing IT security governance and compliance with standards. Overseeing security policies, audits, and risk management in Jakarta.
Responsibilities
IT Governance & Policy Development : Establish, manage, and operate an **Information Security Management System (ISMS)** in accordance with ISO 27001, including governance over **information security and personal data protection (PDP)**.
Develop, implement, and continuously **maintain security and data protection policy standards** and procedures aligned with business objectives and industry best practices.
Regulatory & Standards Compliance : Ensure compliance with applicable **information security and personal data protection regulations, including PDP Law (UU PDP)** and international standards such as **ISO 27001, PCI DSS, and NIST.** Identify and manage security and privacy-related regulatory obligations, coordinate the preparation of compliance documentation, and ensure security and data protection controls meet regulatory and audit expectations.
SDLC & Product Governance : Govern the implementation of **Security by Design and Privacy by Design** principles across the system and product development lifecycle. Ensure information security and personal data protection requirements are defined, reviewed, and validated throughout ideation, development, deployment, and operations in alignment with ISO 27001 and PDP requirements.
Audit Management : Act as the primary owner for information security, ISMS, and data protection audits. Plan and coordinate internal and external audits, manage audit evidence, respond to audit inquiries, track findings, and ensure corrective actions and continual improvement activities are executed and documented in accordance with ISO 27001 and PDP obligations.
Third-Party Risk Management (TPRM) : Govern third-party risk management initiatives by assessing and managing risks associated with vendors, partners, and other third parties integrated with company systems.
Incident Response, DRP & BCP Governance : Collaborate with technical and operational teams to ensure effective incident response governance, including Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP) readiness and testing.
Security & Compliance Awareness : Promote a strong security and compliance culture across the organization through training programs, awareness initiatives, and continuous education.
Requirements
Education: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Relevant certifications such as ISO 27001 Lead Auditor, CISA, GRCP, GRCA are highly desirable.
Experience & Expertise : Proven experience in developing and executing IT governance frameworks, policies, and compliance programs in a practical, hands-on environment. Strong understanding of IT regulatory compliance and risk assessment principles.
Regulatory & Risk Knowledge : Solid knowledge of information security standards, regulatory requirements, and governance frameworks. Banking or financial services industry experience is a strong advantage.
Analytical & Monitoring Skills : Excellent analytical skills to assess IT risks, monitor governance effectiveness, and identify trends or gaps in compliance and controls.
Communication & Collaboration : Strong communication and stakeholder management skills, with the ability to collaborate effectively across technical, business, and leadership teams.
IT Management & Security Best Practices : Deep understanding of IT management best practices, information security controls, and risk mitigation strategies.
Working Student in Information Security at Allianz Direct supporting security monitoring and managing vulnerability assessments. Collaborating with cross-functional teams to enhance cybersecurity posture and awareness.
Enterprise Security Implementation Specialist at Vodafone supporting customers in implementing security solutions. Responsibilities include onboarding, incident management, and ensuring service quality with Fortinet and Zscaler products.
Cyber Security Specialist at Vodafone responsible for shaping and deploying security measures. Collaborating with business, IT, and Network teams as a trusted security partner.
Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data-driven world.
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI-driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on-premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.