About the Role
As an IT GRC at GoTo Financial, you’ll play a crucial role in strengthening the company’s IT governance, risk management, and compliance posture to meet both local and international regulatory standards. Your work will help the company maintain its payment business license from regulators, comply with international certification standards, and enhance governance and risk management practices. If you’re excited about navigating regulatory challenges, driving compliance initiatives, and advancing IT governance and risk frameworks, this role is for you!
What You Will Do
- Ensure all processes & controls are in place related to ISO27001, PCI DSS, etc.
- Coordinating with related IT work units to follow up on data requests and internal audit findings, external audits, and regulators;
- Developing and maintaining IT policies, standards, and procedures according to applicable internal and external requirements;
- Developing and maintaining compliance, governance, and risk-related IT and business process flow;
- Coordinating with the compliance team to ensure that every initiative, development, and collaboration complies with standards (internal and external);
- Conducting routine evaluation of policies and procedures implementation;
- Ensure best practice risk mitigation and assessment functions are maintained to comply with the company's strategy.
- Implementing a good governance organization using the ISO27001 framework or others.
What You Will Need
- Strong experience with ISO 27001, and/or PCI-DSS standards;
- Strong experience in fulfillment of regulatory requirements (BI/OJK), including experience in handling regulatory audits;
- Experienced in creating and maintaining IT and/or information security policies and procedures;
- A minimum of 4 years of experience as an Information Security, IT Governance, Risk and Compliance (IT GRC) or IT Auditors;
- Proficient in English written, spoken, and demonstrates good communication and writing skills;
- Good knowledge of developing risk management, IT framework, familiarity with local/regional regulatory requirements, and how they impact IT policies;
- Good understanding of BIA, BCP, and BCM framework;
- One or more of the following or equivalent certifications are plus points: CISA, CRISC, ITIL, and COBIT are preferred
About the Team
Joining GoTo Financial (GTF) means becoming an integral part of a collaborative and dynamic team culture that values transparency, innovation, and teamwork. As a member of the GTF IT Governance, Risk, and Compliance (IT GRC) team, you'll find yourself immersed in an environment where your contributions are not only recognized but celebrated. You'll work alongside dedicated professionals within the GTF Compliance team, sharing insights, expertise, and best practices to ensure that our IT operations meet regulatory standards and industry requirements. Reporting directly to one of GTF's Head of IT GRC, you'll have the opportunity to learn from seasoned leaders in the field while also contributing your own unique perspective. Together, we'll continue to push the boundaries of innovation and set new standards for IT governance, risk management, and compliance in the financial industry.