Compliance Manager - Digital Signature
Job Description
- Help Policy Authority (PA) maintain Digisign compliance with applicable laws, regulations, and PKI standards.
- Manage operational issues within the Trusted Role structure to ensure secure and reliable CA activities.
- Develop, maintain, and enforce procedures and guidelines governing CA activities.
- Make decisions on partner evaluation, product development, internal alignment, and operational issues.
- Advise and collaborate with relevant teams to solve operational issues and maintain Digisign's compliance.
- Manage relationships with external parties such as regulators, associations, and auditors.
- Capable of leading a team, making strategic decisions, and communicating effectively with stakeholders.
- Understand core components of PKI, including key and certificate lifecycle management and CA systems architecture.
- Possess a strong understanding of confidentiality, integrity, availability, and cybersecurity best practices for CA environments.
- Proficient in identifying, assessing, and mitigating risks, and ensuring adherence to regulatory and policy requirements.
- Familiar with relevant industry standards and regulations.
About the Role
You will be the Certification Authority (CA) Manager in the Trusted Role structure of PT Solusi Net Internusa (SNI/Digisign), part of the GoTo ecosystem. You will be responsible for overseeing the governance and compliance of the digital identity operation and work closely with product, infra, engineering, infosec and internal audit teams. In this role, you will lead strategic decision-making, manage operational risks, and ensure adherence to industry standards and regulatory requirements to maintain a secure and trusted CA environment.
What You Will Do
- Helping the Policy Authority (PA) in maintaining Digisign compliance to the applicable laws and regulations, including other relevant standards in Public Key Infrastructure (PKI).
- Managing operational issues within the Trusted Role structure to ensure a secure and reliable operation of the CA activities ie. compliance of all technical, administrative, and procedural aspects across the CA infrastructure.
- Develop, maintain, and enforce procedures and guidelines that govern CA activities.
- Making decisions on partner evaluation, product development, internal alignment and other operational issues as governed by internal standards, procedures and guidelines.
- Advising and collaborating with relevant teams to solve operational issues to maintain Digisign's compliance.
- Managing relationships with relevant external parties eg. regulator, association, auditor.
What You Will Need
- Capable of leading a team, making strategic decisions, and communicating effectively with both technical and non-technical stakeholders.
- Understands the core components of PKI, among others: key and certificate lifecycle management, CA systems architecture.
- Strong understanding of confidentiality, integrity, availability, and other cybersecurity best practices applicable to CA environments.
- Proficiency in identifying, assessing, and mitigating risks, as well as ensuring adherence to regulatory and policy requirements.
- Familiar with relevant industry standards and regulations.
About the Team
You will be part of the Digital Identity Compliance team, a highly collaborative and strategic unit at the core of Digisign’s trusted digital identity ecosystem. Our team plays a critical role in ensuring that all Certification Authority (CA) operations are secure, compliant, and aligned with industry standards and regulations. We work closely with internal stakeholders, external regulators, and auditors to maintain and elevate trust in our digital certificate services. As part of this team, you'll be contributing to high-impact decisions related to risk, policy, operations, and compliance in a fast-evolving PKI environment. We combine deep technical expertise with a strong understanding of regulatory frameworks to support a secure and reliable digital infrastructure in Indonesia.
