Infosec Engineer - GRC
JULO
IT
Indonesia
Posted on Sunday, March 24, 2024
Responsibilities
We are looking for
We are looking for
- Someone with a passion for Information Security Engineer and can-do attitude to work closely with various teams within JULO leading and executing large and complex security projects and initiatives.
- Review and suggest various information security policies in JULO.
- Review and suggest risk assessment process in JULO.
- Perform necessary infosec business processes, such as but not limited to security pentesting, security risk assessment, product security consultation, etc.
- Own the planning and execution of activities in JULO’s Information Security roadmap.
- Improve JULO’s management of data, especially customer PII.
- Lead the analysis, evaluation, implementation, and improvement of security controls both in technical solutions and effective processes when operating applications, cloud and network infrastructures, and tools.
- Provide technical guidance, training, and mentoring to JULOvers working with confidential data, assets, access, and information.
- Keep up with current security vulnerabilities, threats, controls, and technologies and apply them if necessary.
- Practical problem solver, highly analytical, great team player, have excellent work ethic, and have strong security ethics.
- Can communicate clearly, timely, and professionally:
- With technical and non-technical users,
- With leadership roles and individual contributors
- In English and Indonesian.
- Expert in multi-tasking, both in planning, executing, and managing projects thoroughly in issue tracking tools.
- Experience in creating, maintaining, and improving GRC related processes.
- Hands-on experience with ISO 27001:2017 or ISO 27001:2022 recertification or surveillance audits
- 3 plus years of experience as a GRC personnel.
- Having completed CISSP, OSCP, CEH, or similar certifications..
- Having a deep understanding of GRC principles.