Risk Officer
PT ITSEC Asia Tbk
- Full-Time
- On-site • Jakarta Selatan
- Negotiable
No Sign Up Required!
Job Description
- Act as the designated Risk Officer for Indonesia operations, leading local risk identification, assessment, and mitigation activities.
- Serve as the internal ISO Coordinator, overseeing the implementation and maintenance of ISO/IEC 27001 and/or other relevant standards.
- Maintain and update the risk register, ensuring timely and accurate reporting to the global risk management team.
- Coordinate and support internal and external ISO audits, including preparation, documentation, findings resolution, and continuous improvement.
- Review and update policies, SOPs, and ISMS documentation to ensure audit-readiness and operational compliance.
- Provide risk-based input during strategic planning, vendor selection, and client-facing initiatives.
- Monitor and interpret regulatory changes and compliance risks relevant to cybersecurity and data protection in Indonesia.
- Deliver training and awareness sessions to enhance understanding of ISO and risk management principles across departments.
- Collaborate with global risk and compliance teams, aligning local practices with corporate frameworks and participating in group-wide initiatives.
- Track, report, and follow up on non-conformities, risk events, and audit findings to ensure timely closure and mitigation.
Requirements
- Bachelor’s degree in Informatics Engineering, Computer Engineering, Information Security, Risk Management, or a related field.
- Relevant certifications highly preferred (e.g., ISO 27001 Lead Implementer/Auditor, CRISC,- etc.).
- Minimum 4 years of professional experience in risk management, compliance, information security, or internal audit.
- Prior experience working in regulated industries or certified environments (e.g., ISO/IEC 27001, ISO 9001, ISO 14001, etc.).
- Strong understanding of ISO/IEC 27001 and risk management frameworks (e.g., ISO 31000, COSO, NIST).
- Familiarity with compliance requirements in cybersecurity, privacy (e.g., PDP Law), and operational risk.
- Proficient in developing risk registers, audit reports, and SOPs.
- Experience working with global stakeholders and cross-functional teams is a plus.
- Strong analytical, documentation, and project management skills.
- Excellent communication in Bahasa Indonesia and English (both verbal and written).
- High integrity, attention to detail, and ability to work independently.
Tips Menjaga Diri
Perusahaan dan Lowongan di Dealls tidak meminta data pribadi, informasi rekening, atau pungutan ketika melamar. Hindari juga lowongan Google Form / Grup Telegram tanpa keabsahan yang jelas.
ITSEC is one of the leading cybersecurity companies in the APAC region, listed on the Indonesian Stock Exchange (IDX), with over 300 employees across five countries. We deliver end-to-end cybersecurity services and solutions, including Consulting Services, Security Solutions Integration, and Managed Security Services. ITSEC provides continuous IT infrastructure protection against multiplying cybersecurity threats and ensures compliance with increasingly demanding data protection and critical infrastructure regulations. Our expertise has been built over a decade of delivering thousands of high-quality cybersecurity projects, providing cutting-edge solutions in collaboration with world-class technology partners across financial, telecommunications, energy, transportation, manufacturing, and other critical industry sectors. We also have extensive experience in helping our customers with fraud prevention, Operational Technology (OT), and Industrial IoT (IIoT) security.
