Ajaib
Ajaib6d ago
New

Senior GRC

IndonesiaIndonesia·JakartaFull-timesenior
Other
0 views0 saves0 applied

Quick Summary

Key Responsibilities

Lead the development, maintenance, and enforcement of corporate security policies, standards, and control frameworks across the organization.

Requirements Summary

Lead the development, maintenance, and enforcement of corporate security policies, standards, and control frameworks across the organization.

Technical Tools
Other

As a Senior GRC, you will act as a strategic advisor to executive and technology leadership, translating complex legal and regulatory requirements into tangible security controls. You will design the enterprise control framework, drive third-party risk management, and spearhead compliance for frameworks like SOC 2, ISO 27001, and NIST.

Responsibilities

~2 min read
  • Strategy & Governance: Lead the development, maintenance, and enforcement of corporate security policies, standards, and control frameworks across the organization.
  • Risk Management: Perform comprehensive enterprise risk assessments, maintain risk registers, track remediation roadmaps, and clearly report cyber risk posture to leadership. Perform IT risk assessments, maintain the local risk register, and report cyber risk postures directly to regional leadership.
  • Regulatory Compliance & Audit: Ensure alignment with Indonesian data privacy laws (UU PDP), OJK regulations (e.g., SEOJK 29), and Kominfo requirements. Act as the primary liaison for external auditors, Bank Indonesia, OJK, and other local regulatory bodies during audits. Oversee end-to-end compliance efforts (e.g., PCI-DSS, SOC 2, GDPR), coordinate with external auditors, and manage audit readiness.
  • Vendor Risk Management: Evaluate third-party risks during vendor onboarding and assess supply chain security vulnerabilities, ensure compliance with corporate security policies and standards.
  • Stakeholder Enablement: Collaborate closely with legal, engineering, and product teams to integrate security into development pipelines and daily operations.
  • IAM\PAM Governance & Lifecycle: Define and enforce identity governance policies, including user provisioning, Role-Based Access Control (RBAC), Least Privilege principles, and Segregation of Duties (SoD) matrices. Govern access controls for high-risk users and administrative accounts, ensuring alignment with security best practices and compliance logs.
  • Experience: 8+ years in cybersecurity, IT risk management, or information security, with deep experience navigating the Indonesian regulatory environment, and at least 3-4 years in a senior or lead capacity.
  • Framework Fluency: Deep, hands-on experience implementing framework such as ISO\IEC 27001, NIST CSF, COBIT and CIS benchmarks.
  • Certifications: Relevant industry certifications such as CISSP, CISA, or CRISC are highly preferred.
  • Communication: Exceptional ability to translate complex technical jargon into actionable business terms for executives.

Join us as we make magic happen to increase Indonesia’s financial inclusion!

Location & Eligibility

Where is the job
Jakarta, Indonesia
On-site at the office

Listing Details

Posted
July 1, 2026
First seen
July 3, 2026
Last seen
July 3, 2026

Posting Health

Days active
0
Repost count
0
Trust Level
60%
Scored at
July 3, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust
Ajaib
Ajaib
workable

Ajaib is a leading investment platform in Indonesia, founded in 2018, specializing in mobile and online trading solutions.

Employees
350
Founded
2018
View company profile
Newsletter

Stay ahead of the market

Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

A
B
C
D
Join 12,000+ marketers

No spam. Unsubscribe at any time.

AjaibSenior GRC