Risk Management Associate

ALTO Network is a leading payment infrastructure provider as well as the pioneer in payment solution by always bringing the most innovative and impactful technology to connect merchants or financial institutions with their customers to grow their businesses nationwide and beyond.

• Ensure that every part of ALTO recognizes, understands and controls the risks in its business processes adequately to ensure the smooth delivery of ALTO services.
• Coordinate and facilitate the implementation of Risk Control Self Assessment (RCSA) activities across all divisions in ALTO at least once per year.
• Coordinate and facilitate the implementation of Business Impact Analysis (BIA) activities.
• Coordinate ALTO's business continuity training and readiness testing activities.
• Identify all possible risk in all unit and division in ALTO
• Facilitate risk mitigation planning where the final risk score is not yet acceptable.
• Monitoring the realization of the agreed risk mitigation plan.
• Facilitate business continuity planning by preparing BCP and DRP documents in accordance with ALTO's needs.
• Regularly review the business impact of incidents to ensure the appropriateness of ALTO's risk posture and continuity plan.
• Created an ALTO risk posture report covering all divisions and business processes.
• Created BCP and DRP for all Critical Business Functions and Critical Application.
• Direct the identification and mitigation of risks relevant to ALTO's key business processes.
• Determine a Business Continuity and Disaster Recovery testing schedule that meets ALTO's needs.

• Preferable work experience in Information Technology, Risk Management, or Management System Consultant for 1-2 years
• Bachelor's degree preferably from Information Technology, Industrial Engineering, Electrical Engineering, or Management major.
• Preferably certified as internal auditor/implementer of management system standard (ISO or CISA), or certification related to risk management (e.g. CRISC).

Knowledge

• Risk Awareness
• IT Operation Process
• Switching Operation Process
• General IT Knowledge
• Security Awareness
• IT QA Methodology

Technical

• Risk Monitoring
• Risk Detection

Non-Technical

• Document Control
• Project Planning
• Reporting Skill