Infosec Engineer - GRC

PT TOYOTA ASTRA FINANCIAL SERVICES • Kota Jakarta Pusat, DKI Jakarta
Jenis Pekerjaan

Full Time

Range Gaji

Informasi Tidak Tersedia

Deskripsi Pekerjaan


We are looking for

  • Someone with a passion for Information Security Engineer and can-do attitude to work closely with various teams within JULO leading and executing large and complex security projects and initiatives.


Responsibilities

  • Review and suggest various information security policies in JULO.
  • Review and suggest risk assessment process in JULO.
  • Perform necessary infosec business processes, such as but not limited to security pentesting, security risk assessment, product security consultation, etc.
  • Own the planning and execution of activities in JULO’s Information Security roadmap.
  • Improve JULO’s management of data, especially customer PII.
  • Lead the analysis, evaluation, implementation, and improvement of security controls both in technical solutions and effective processes when operating applications, cloud and network infrastructures, and tools.
  • Provide technical guidance, training, and mentoring to JULOvers working with confidential data, assets, access, and information.
  • Keep up with current security vulnerabilities, threats, controls, and technologies and apply them if necessary.

Persyaratan Pekerjaan


  • Practical problem solver, highly analytical, great team player, have excellent work ethic, and have strong security ethics.
  • Can communicate clearly, timely, and professionally:
  • With technical and non-technical users,
  • With leadership roles and individual contributors
  • In English and Indonesian.
  • Expert in multi-tasking, both in planning, executing, and managing projects thoroughly in issue tracking tools.
  • Experience in creating, maintaining, and improving GRC related processes.
  • Hands-on experience with ISO 27001:2017 or ISO 27001:2022 recertification or surveillance audits
  • 3 plus years of experience as a GRC personnel.
  • Having completed CISSP, OSCP, CEH, or similar certifications..
  • Having a deep understanding of GRC principles.
;