Samudera Indonesia offers a truly global and collaborative work experience. You’ll team up with some of the best and brightest people in many locations in Indonesia and beyond. And you’ll discover a world of extraordinary opportunity, challenge, and fulfillment where you can pursue goals, develop new skills, and explore new horizons.
Main Responsibilities
1. Coordinating the preparation of an annual risk-based IT audit plan and managing IT audits.
2. Monitoring and conduction the IT audit process as well as ensuring continuous improvement.
3. Performing evaluations and assessments of cybersecurity and IT systems.
4. Providing risk-related assistance/consultation to Subsidiaries.
5. Identifying and following up on IT audit findings.
6. Providing IT risk and technology change management assistance/consultation.
7. Developing the team and preparing succession within the organization.
General Responsibilities
1. Ensure the implementation of an Integrated Management System, including the identification, documentation, and control of risks in the relevant department's work area.
2. Foster and ensure the commitment of every team member to understand and adhere to all applicable Integrated Management System requirements.
3. Be willing to participate in the investigation process of accidents, incidents, or actions that may lead to incidents caused by unsafe actions or unsafe conditions, including providing accurate information and reports based on known facts.
4. Be willing to engage in the information security control process applied to protect the information assets and information processing assets owned and/or managed by the Company from threats to confidentiality, integrity, and availability.
Qualifications
1. At least holds a Bachelor's degree, any major is welcome, but IT is preferred.
2. Has experience in IT audit at least (minimum) 5 years, and 2 years at a managerial level.
3. Able to identify, assess, and manage risks related to IT and information systems.
4. Capable of conducting audits of IT systems, including hardware, software, as well as the processes and policies used to manage them.
5. Able to analyze and assess network configurations and settings (e.g., TCP/IP, DNS, HTTP, VPN, and other protocols).
6. Possess knowledge of standards and regulations governing IT systems and data.
7. Skilled in testing applications and systems to detect weaknesses and potential vulnerabilities.
8. Capable of analyzing system and application logs to detect potential threats or suspicious activities.
9. Understanding of data security management within organizations, including access control, data encryption, and protection of sensitive data; proficient in Data Loss Prevention (DLP) and Data Encryption concepts.
10. Possess knowledge of digital forensics is a plus.
Join us and help create the future of logistics!
